diff --git a/.github/workflows/security_checks.yml b/.github/workflows/security_checks.yml
index 5d07b855..3fee0c66 100644
--- a/.github/workflows/security_checks.yml
+++ b/.github/workflows/security_checks.yml
@@ -91,10 +91,10 @@ jobs:
           bundle install
       - name: install bundler-audit
         run: |
-          gem install bundler-audit && bundle-audit update
+          gem install bundler-audit && bundler-audit update
       - name: run bundler-audit
         run: |
-          bundle-audit --output=bundler_audit.txt
+          bundler-audit --output=bundler_audit.txt
       - name: upload bundler-audit failure report
         uses: actions/upload-artifact@v3
         if: failure()
diff --git a/Gemfile b/Gemfile
index 91a4b6e4..f7d4ff25 100644
--- a/Gemfile
+++ b/Gemfile
@@ -30,7 +30,7 @@ gem 'mongoid',             '~> 7.4'
 
 gem 'nokogiri', '~> 1.16.5'
 gem 'nokogiri-happymapper'
-gem 'rexml', '~> 3.3.2'
+gem 'rexml', '>= 3.3.3'
 
 # Postgres Database
 gem 'pg'
diff --git a/Gemfile.lock b/Gemfile.lock
index 8e203571..58cba621 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -429,7 +429,7 @@ GEM
     rbtree (0.4.6)
     redcarpet (3.6.0)
     regexp_parser (2.9.0)
-    rexml (3.3.2)
+    rexml (3.3.5)
       strscan
     rspec-core (3.13.0)
       rspec-support (~> 3.13.0)
@@ -572,7 +572,7 @@ DEPENDENCIES
   rbnacl
   redcarpet
   resource_registry!
-  rexml (~> 3.3.2)
+  rexml (>= 3.3.3)
   rspec-rails
   rubocop
   rubocop-git