diff --git a/Gemfile b/Gemfile
index 7143a13ca..be2ac4088 100644
--- a/Gemfile
+++ b/Gemfile
@@ -15,7 +15,7 @@ gem 'webpacker', '~> 5.4.4'
 gem 'good_job', '~> 3.99'
 
 # fix for https://www.ruby-lang.org/en/news/2021/11/15/date-parsing-method-regexp-dos-cve-2021-41817/
-gem "date", "~> 3.3.4"
+gem "date", "~> 3.4.0"
 
 gem 'httparty', '~> 0.22.0' # https://github.com/jnunemaker/httparty
 gem 'sprockets', '~> 3.7'
diff --git a/Gemfile.lock b/Gemfile.lock
index 4228f003b..f5be310dc 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -157,7 +157,7 @@ GEM
     database_cleaner-active_record (1.99.0)
       activerecord
       database_cleaner (~> 1.99.0)
-    date (3.3.4)
+    date (3.4.0)
     debug (1.9.2)
       irb (~> 1.10)
       reline (>= 0.3.8)
@@ -513,7 +513,7 @@ DEPENDENCIES
   countries (~> 4.2)
   csv
   database_cleaner-active_record
-  date (~> 3.3.4)
+  date (~> 3.4.0)
   debug
   devise (~> 4.9)
   devise-async (~> 1.0)