diff --git a/requirements/requirements.in b/requirements/requirements.in
index e31d0f24f4..5cb95f8394 100644
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -12,7 +12,7 @@ cryptography>=41.0.2  # CVE-2023-38325
 Cython<3 # Since the bump to PyYAML 5.4.1 this is now a mandatory dep
 daphne
 distro
-django==4.2.3  # see UPGRADE BLOCKERs CVEs were identified in 4.2, pinning to .3
+django==4.2.5  # see UPGRADE BLOCKERs, CVE-2023-41164
 django-auth-ldap
 django-cors-headers
 django-crum
diff --git a/requirements/requirements.txt b/requirements/requirements.txt
index 8b46d049b8..c49d6079ea 100644
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -103,7 +103,7 @@ deprecated==1.2.13
     # via jwcrypto
 distro==1.8.0
     # via -r /awx_devel/requirements/requirements.in
-django==4.2.3
+django==4.2.5
     # via
     #   -r /awx_devel/requirements/requirements.in
     #   channels