diff --git a/.bundler-audit.yml b/.bundler-audit.yml
new file mode 100644
index 000000000..6cb0809ab
--- /dev/null
+++ b/.bundler-audit.yml
@@ -0,0 +1,6 @@
+---
+ignore:
+ - CVE-2019-16676
+ - CVE-2017-1002201
+ - CVE-2024-26143
+ - CVE-2024-6531
diff --git a/.github/workflows/asset_compilation.yml b/.github/workflows/asset_compilation.yml
index 70773aa90..8774353c4 100644
--- a/.github/workflows/asset_compilation.yml
+++ b/.github/workflows/asset_compilation.yml
@@ -79,7 +79,7 @@ jobs:
 echo "postgres:5432:*:postgres:postgres" > ~/.pgpass
 chmod 600 ~/.pgpass
- gem install bundler --version=2.4.14
+ gem install bundler --version=2.5.17
 # According to https://www.jessesquires.com/blog/2021/08/23/caching-bundler-on-github-actions/
 # this is fragile and failure prone, but the step they recommend using instead (ruby/ruby-setup)
diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml
index 93e375eb9..d7f1e1f5a 100644
--- a/.github/workflows/build_images.yml
+++ b/.github/workflows/build_images.yml
@@ -37,7 +37,7 @@ jobs:
 target: prod-build
 build-args: |
 BUILD_TAG=3.1.6-alpine3.20
- BUNDLER_VERSION=2.4.13
+ BUNDLER_VERSION=2.5.17
 USER_ID=1000
 GROUP_ID=1000
 tags: |
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0fd813bdc..40fec87fc 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -77,7 +77,7 @@ jobs:
 - name: Run bundle-audit
 run: |
- bundle exec bundle-audit check --update --ignore CVE-2019-16676 CVE-2017-1002201 CVE-2024-26143
+ bundle exec bundle-audit check --update
 - name: Run brakeman
 run: |
 bundle exec brakeman -q --no-pager --except PermitAttributes,Render
diff --git a/Gemfile.lock b/Gemfile.lock
index 07fb4b1f4..31c27d05d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -877,4 +877,4 @@ DEPENDENCIES
 yabeda-rails
 BUNDLED WITH
- 2.4.13
+ 2.5.17
diff --git a/docker/app/Dockerfile b/docker/app/Dockerfile
index 46ebe5645..bf33f9939 100644
--- a/docker/app/Dockerfile
+++ b/docker/app/Dockerfile
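Review bot: None of the four ignored advisories in the new `.bundler-audit.yml` carries a justification, and CVE-2024-6531 is new — it was not in the `--ignore` list that the ci.yml hunk removes — so this commit quietly widens the accepted-risk set without saying why. Each entry should record the affected gem, why the finding is not exploitable here (or what blocks the upgrade), and when to revisit it, e.g. `  - CVE-2024-6531  # <gem>: <reason not exploitable here>; revisit when <gem> can be upgraded`. As far as I can tell bundler-audit keys the ignore list only on the advisory ID, not on a gem or version range, so a stale entry keeps suppressing the finding long after the original reason has gone away; a dated note per entry makes that easier to catch in review.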
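Review bot: With `--ignore` dropped from the ci.yml step, nothing in the workflow reveals that advisories are being suppressed — a reader of the CI log now sees a plain `bundle-audit check --update` and a green result. Add a comment above the step, e.g. `# Suppressed advisories (with reasons) are listed in .bundler-audit.yml`, so the suppression stays discoverable from the workflow itself. Reading ignores from `.bundler-audit.yml` also depends on a bundler-audit release that supports the config file (0.9.0 and later, as far as I recall); the Gemfile.lock hunk in this diff does not show the bundler-audit pin, so confirm the locked version before relying on it. The failure mode is at least loud — an older version ignores the file and fails on the known findings — but it is worth checking before merging.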
@@ -24,7 +24,7 @@ ARG BUILD_TAG FROM ruby:${BUILD_TAG} AS base ARG USER_ID=10000 ARG GROUP_ID=10000 -ARG BUNDLER_VERSION=2.4.13 +ARG BUNDLER_VERSION=2.5.17 LABEL "app"=open-path-cas LABEL "ruby-version"=3.1.6 diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index ee196b180..53a5f7208 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -11,7 +11,7 @@ x-app: &app PG_MAJOR: '12' NODE_MAJOR: '12' YARN_VERSION: '1.17.3' - BUNDLER_VERSION: '2.4.14' + BUNDLER_VERSION: '2.5.17' USER_ID: ${USER_ID:-10000} GROUP_ID: ${GROUP_ID:-10000} environment: &env