Scenario
There are many third-party libraries used in Confluence which might be affected by some security vulnerabilities. In many of these cases, they are resolved in the later version of these libraries.
Generally, we would have to wait for the next Confluence upgrade that will contain these updated libraries to mitigate these security risks.

Suggestion
Confluence should provide the ability to upgrade third party libraries like Jquery separately i.e without the need to upgrade the Confluence itself. This would help a lot in mitigating security risks and also prevent delays in waiting for the next Confluence version containing the updated libraries.