diff --git a/h2o-assemblies/main/build.gradle b/h2o-assemblies/main/build.gradle
index f3365b0f8359..63fcca999172 100644
--- a/h2o-assemblies/main/build.gradle
+++ b/h2o-assemblies/main/build.gradle
@@ -57,6 +57,10 @@ dependencies {
         api('net.minidev:json-smart:2.4.10') {
             because 'Fixes CVE-2023-1370'
         }
+        api('org.jetbrains.kotlin:kotlin-stdlib:1.6.21') {
+            because 'Fixes CVE-2020-29582'
+            because 'Fixes CVE-2022-24329'
+        }
         api('org.codehaus.jettison:jettison:1.5.4') {
             because 'Fixes CVE-2023-1436'
             because 'Fixes CVE-2022-45693'
diff --git a/h2o-assemblies/steam/build.gradle b/h2o-assemblies/steam/build.gradle
index ae6305f20dfc..81b2ad9d3f85 100644
--- a/h2o-assemblies/steam/build.gradle
+++ b/h2o-assemblies/steam/build.gradle
@@ -65,8 +65,9 @@ dependencies {
             because 'Fixes CVE-2022-40150'
             because 'Fixes CVE-2022-40149'
         }
-        api('org.jetbrains.kotlin:kotlin-stdlib:1.4.32') {
+        api('org.jetbrains.kotlin:kotlin-stdlib:1.6.21') {
             because 'Fixes CVE-2020-29582'
+            because 'Fixes CVE-2022-24329'
         }
         api('com.google.guava:guava:32.0.1-jre') {
             because 'Fixes CVE-2023-2976'