diff --git a/.changelog/1975.txt b/.changelog/1975.txt
new file mode 100644
index 0000000000..d2de810631
--- /dev/null
+++ b/.changelog/1975.txt
@@ -0,0 +1,3 @@
+```release-note:security
+Upgrade to use Go 1.19.6. This resolves vulnerabilities CVE-2022-41724 in crypto/tls and CVE-2022-41723 in net/http.
+```
\ No newline at end of file
diff --git a/.circleci/config.yml b/.circleci/config.yml
index 05f6a209e9..11517a6c43 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -6,7 +6,7 @@ orbs:
 executors:
   go:
     docker:
-      - image: docker.mirror.hashicorp.services/cimg/go:1.18.3
+      - image: docker.mirror.hashicorp.services/cimg/go:1.19.6
     environment:
       TEST_RESULTS: /tmp/test-results # path to where test results are saved
 
@@ -34,9 +34,9 @@ commands:
       - run:
           name: Install go, gotestsum, kind, kubectl, and helm
           command: |
-            wget https://golang.org/dl/go1.18.3.linux-amd64.tar.gz
-            sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.18.3.linux-amd64.tar.gz
-            rm go1.18.3.linux-amd64.tar.gz
+            wget https://golang.org/dl/go1.19.6.linux-amd64.tar.gz
+            sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.19.6.linux-amd64.tar.gz
+            rm go1.19.6.linux-amd64.tar.gz
             echo 'export PATH=$PATH:/usr/local/go/bin' >> $BASH_ENV
 
             wget https://github.com/gotestyourself/gotestsum/releases/download/v1.6.4/gotestsum_1.6.4_linux_amd64.tar.gz
diff --git a/.go-version b/.go-version
index b9fb27ab4f..2a4feaf54c 100644
--- a/.go-version
+++ b/.go-version
@@ -1 +1 @@
-1.18.3
+1.19.6