diff --git a/.changelog/11662.txt b/.changelog/11662.txt
new file mode 100644
index 000000000..6c6f02d2f
--- /dev/null
+++ b/.changelog/11662.txt
@@ -0,0 +1,3 @@
+```release-note:security
+Updated to Go 1.17.5. Go 1.17.3 contained 2 CVEs. [CVE-2021-44717](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44717) could allow a task on a Unix system with exhausted file handles to misdirect I/O. [CVE-2021-44716](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44716) could create unbounded memory growth in HTTP2 servers. Nomad servers do not use HTTP2.
+```
diff --git a/.circleci/config.yml b/.circleci/config.yml
index 88bb0d3e2..3ea457616 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -512,7 +512,7 @@ executors:
   go:
     working_directory: /go/src/github.com/hashicorp/nomad
     docker:
-      - image: docker.mirror.hashicorp.services/golang:1.17.3
+      - image: docker.mirror.hashicorp.services/golang:1.17.5
     environment:
       <<: *common_envs
       GOPATH: /go
@@ -524,7 +524,7 @@ executors:
     environment: &machine_env
       <<: *common_envs
       GOPATH: /home/circleci/go
-      GOLANG_VERSION: 1.17.3
+      GOLANG_VERSION: 1.17.5
 
   # uses a more recent image with unattended upgrades disabled properly
   # but seems to break docker builds
@@ -541,7 +541,7 @@ executors:
     environment:
       <<: *common_envs
       GOPATH: /Users/distiller/go
-      GOLANG_VERSION: 1.17.3
+      GOLANG_VERSION: 1.17.5
 
   go-windows:
     machine:
@@ -553,7 +553,7 @@ executors:
       GOPATH: c:\gopath
       GOBIN: c:\gopath\bin
       GOTESTSUM_PATH: c:\tmp\test-reports
-      GOLANG_VERSION: 1.17.3
+      GOLANG_VERSION: 1.17.5
       GOTESTSUM_VERSION: 0.4.2
       VAULT_VERSION: 1.4.1
 
diff --git a/contributing/README.md b/contributing/README.md
index 2401cf745..2a809305d 100644
--- a/contributing/README.md
+++ b/contributing/README.md
@@ -30,7 +30,7 @@ A development environment is supplied via Vagrant to make getting started easier
 
 Developing without Vagrant
 ---
-1. Install [Go 1.17.3+](https://golang.org/) *(Note: `gcc-go` is not supported)*
+1. Install [Go 1.17.5+](https://golang.org/) *(Note: `gcc-go` is not supported)*
 1. Clone this repo
    ```sh
    $ git clone https://github.com/hashicorp/nomad.git
diff --git a/scripts/release/mac-remote-build b/scripts/release/mac-remote-build
index 7027058bd..bce570535 100755
--- a/scripts/release/mac-remote-build
+++ b/scripts/release/mac-remote-build
@@ -56,7 +56,7 @@ REPO_PATH="${TMP_WORKSPACE}/gopath/src/github.com/hashicorp/nomad"
 mkdir -p "${TMP_WORKSPACE}/tmp"
 
 install_go() {
-  local go_version="1.17.3"
+  local go_version="1.17.5"
   local download=
 
   download="https://storage.googleapis.com/golang/go${go_version}.darwin-amd64.tar.gz"
diff --git a/scripts/vagrant-linux-priv-go.sh b/scripts/vagrant-linux-priv-go.sh
index 7efb21eb2..6b066f02c 100755
--- a/scripts/vagrant-linux-priv-go.sh
+++ b/scripts/vagrant-linux-priv-go.sh
@@ -3,7 +3,7 @@
 set -o errexit
 
 function install_go() {
-	local go_version="1.17.3"
+	local go_version="1.17.5"
 	local download="https://storage.googleapis.com/golang/go${go_version}.linux-amd64.tar.gz"
 
 		if go version 2>&1 | grep -q "${go_version}"; then