diff --git a/h2o-assemblies/main/build.gradle b/h2o-assemblies/main/build.gradle
index e1c421cdd9f8..8e77ba6a1993 100644
--- a/h2o-assemblies/main/build.gradle
+++ b/h2o-assemblies/main/build.gradle
@@ -55,10 +55,11 @@ dependencies {
     api "com.google.protobuf:protobuf-java:3.21.7"
 
     constraints {
-        api('com.fasterxml.jackson.core:jackson-databind:2.16.1') {
+        api('com.fasterxml.jackson.core:jackson-databind:2.17.2') {
             because 'Fixes CVE-2022-42003'
             because 'Fixes PRISMA-2023-0067'
             because 'Fixes CVE-2023-35116'
+            because 'Fixes sonatype-2024-0171'
         }
         api('org.jetbrains.kotlin:kotlin-stdlib:1.6.21') {
             because 'Fixes CVE-2020-29582'
diff --git a/h2o-assemblies/steam/build.gradle b/h2o-assemblies/steam/build.gradle
index 6391acd96609..05dd706e4901 100644
--- a/h2o-assemblies/steam/build.gradle
+++ b/h2o-assemblies/steam/build.gradle
@@ -51,10 +51,11 @@ dependencies {
     api "com.google.oauth-client:google-oauth-client:1.33.3"
 
     constraints {
-        api('com.fasterxml.jackson.core:jackson-databind:2.16.1') {
+        api('com.fasterxml.jackson.core:jackson-databind:2.17.2') {
             because 'Fixes CVE-2022-42003'
             because 'Fixes PRISMA-2023-0067'
             because 'Fixes CVE-2023-35116'
+            because 'Fixes sonatype-2024-0171'
         }
         api('org.codehaus.jettison:jettison:1.5.4') {
             because 'Fixes CVE-2023-1436'