jQuery and moment.js outdated versions

Are there any plans to update jQuery to 3.x line? The version being used currently (v2.1.4) can make the application vulnerable to XSS.
Furthermore, vendor.js resource uses a moment.js versions that is quite outdated - 2.10.6. Are there any plans to also update this one?

At my company we had a pentest for a Sentry instance running on k8s, and currently the release is being blocked because of these findings. I guess this might also happen in many other places.