diff --git a/Dockerfile b/Dockerfile
index 6c115636f..b18f45ca4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,7 +11,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-FROM --platform=$BUILDPLATFORM golang:1.17.11 as builder-env
+FROM --platform=$BUILDPLATFORM golang:1.17.13 as builder-env
 
 ARG GOPROXY
 ARG PKG
diff --git a/changelogs/unreleased/5286-qiuming-best b/changelogs/unreleased/5286-qiuming-best
new file mode 100644
index 000000000..c1e8053e2
--- /dev/null
+++ b/changelogs/unreleased/5286-qiuming-best
@@ -0,0 +1 @@
+Fix CVE-2022-1962 by bumping up golang version to 1.17.13
diff --git a/hack/build-image/Dockerfile b/hack/build-image/Dockerfile
index 8948080d0..468074e40 100644
--- a/hack/build-image/Dockerfile
+++ b/hack/build-image/Dockerfile
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM golang:1.17.11
+FROM golang:1.17.13
 
 ARG GOPROXY