diff --git a/Gemfile b/Gemfile
index 95b30186..bb346b45 100644
--- a/Gemfile
+++ b/Gemfile
@@ -71,7 +71,7 @@ gem 'newrelic_rpm'
 gem 'kaminari', '~> 1.1.1'
 
 # Enforce dependency versions to avoid vulnerabilities
-gem 'loofah', '~> 2.2.3'
+gem 'loofah', '~> 2.3.1'
 gem 'rack', '~> 1.6.11'
 
 group :development, :test do
diff --git a/Gemfile.lock b/Gemfile.lock
index b1ffca7a..71636264 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -67,7 +67,7 @@ GEM
       execjs
     coffee-script-source (1.12.2)
     concurrent-ruby (1.1.5)
-    crass (1.0.4)
+    crass (1.0.5)
     debug_inspector (0.0.3)
     devise (4.4.3)
       bcrypt (~> 3.0)
@@ -152,7 +152,7 @@ GEM
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
       ruby_dep (~> 1.2)
-    loofah (2.2.3)
+    loofah (2.3.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     lumberjack (1.0.13)
@@ -166,7 +166,7 @@ GEM
     nds_api (0.1.23)
     nenv (0.3.0)
     newrelic_rpm (5.3.0.346)
-    nokogiri (1.10.1)
+    nokogiri (1.10.5)
       mini_portile2 (~> 2.4.0)
     notiffany (0.1.1)
       nenv (~> 0.1)
@@ -368,7 +368,7 @@ DEPENDENCIES
   jquery-rails
   kaminari (~> 1.1.1)
   le
-  loofah (~> 2.2.3)
+  loofah (~> 2.3.1)
   nds_api (= 0.1.23)
   newrelic_rpm
   overcommit