diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5fed447..2f81599 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Security
+- Updated Nokogiri to 1.12.5-x86_64-darwin to resolve 
+  [CVE-2021-41098](https://github.com/advisories/GHSA-2rr5-8q37-2w7h)
+  [cyberark/conjur-service-broker#257](https://github.com/cyberark/conjur-service-broker/pull/257)
 
 ## [1.2.1] - 2021-08-02
 ### Fixed
diff --git a/Gemfile.lock b/Gemfile.lock
index 268b2ce..4758c4f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -90,16 +90,16 @@ GEM
     mime-types (3.3.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2020.1104)
-    mini_portile2 (2.5.1)
+    mini_portile2 (2.6.1)
     minitest (5.14.4)
     multi_json (1.15.0)
     multi_test (0.1.2)
     netrc (0.11.0)
     nio4r (2.5.7)
-    nokogiri (1.11.5)
-      mini_portile2 (~> 2.5.0)
+    nokogiri (1.12.5)
+      mini_portile2 (~> 2.6.1)
       racc (~> 1.4)
-    nokogiri (1.11.5-x86_64-darwin)
+    nokogiri (1.12.5-x86_64-darwin)
       racc (~> 1.4)
     pry (0.13.1)
       coderay (~> 1.1)