diff --git a/CHANGELOG.md b/CHANGELOG.md
index d41fc7ef9..4cce46694 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 - Fix a security issue: updated puma to 4.3.12 to fix [CVE-2022-24790](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24790)
 - Fix a security issue: updated moment to 2.29.2 to fix [CVE-2022-24785](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24785)
+- Fix a security issue: updated nokogiri to 1.13.4 to fix [CVE-2022-24839](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24839), [CVE-2018-25032](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032), [CVE-2022-24836](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24836) and [CVE-2022-23437](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23437)
 
 ## v5.3.10 2022 April 12
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 91341a5f6..0b72d00e4 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -226,7 +226,7 @@ GEM
     multi_xml (0.6.0)
     multipart-post (2.1.1)
     nio4r (2.5.8)
-    nokogiri (1.13.3)
+    nokogiri (1.13.4)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     notify_with (0.0.2)