diff --git a/kube-fluentd-operator.yaml b/kube-fluentd-operator.yaml
index d54b8fa8a4a..364fcd21181 100644
--- a/kube-fluentd-operator.yaml
+++ b/kube-fluentd-operator.yaml
@@ -1,7 +1,7 @@
 package:
 name: kube-fluentd-operator
- version: 1.17.4
- epoch: 4
+ version: 1.17.4 # when updating: check if we can remove CVE-2023-1428 and CVE-2023-32732 mitigation below
+ epoch: 5
 description: Auto-configuration of Fluentd daemon-set based on Kubernetes metadata
 copyright:
 - license: MIT
@@ -68,6 +68,9 @@ pipeline:
 cd fluent-plugin-google-cloud
 git checkout ${{vars.FLUENT_PLUGIN_GOOGLE_CLOUD_COMMIT}}
+ # Mitigate CVE-2023-1428 and CVE-2023-32732
+ sed -i "s/gem.add_runtime_dependency 'grpc', '1.52.0'/gem.add_runtime_dependency 'grpc', '1.54.0'/g" fluent-plugin-google-cloud.gemspec
+
 bundle config set --local path ${GEM_DIR}
 bundle config set --local without 'development test'
 bundle install
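Review bot: The `sed -i` added in the second hunk exits 0 even when its pattern matches nothing. If the gemspec checked out at `FLUENT_PLUGIN_GOOGLE_CLOUD_COMMIT` ever stops pinning exactly `'grpc', '1.52.0'`, the build still succeeds and the CVE-2023-1428 / CVE-2023-32732 mitigation silently disappears. Follow the substitution with a check that fails the step when the patched pin is absent, for example `grep -q "'grpc', '1.54.0'" fluent-plugin-google-cloud.gemspec || exit 1`. The reminder comment on the `version:` line is tied to the package version, but the pin being patched comes from the plugin commit variable, so the comment should probably name that variable as well. The enclosing `runs:` block starts and ends outside the hunk, so whether it already runs under `set -e` cannot be seen from here.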