diff --git a/CHANGELOG.md b/CHANGELOG.md
index c6c7b155f6..5e2039f600 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Changed
 - Adds `CONJUR_USERS_IN_ROOT_POLICY_ONLY` environment variable to prevent users from being created outside the root policy.
 
+### Security
+- Upgrade Rails to 6.12.5.1 to close CVE-2022-22577 and CVE-2022-27777
+  [cyberark/conjur#2553](https://github.com/cyberark/conjur/pull/2553)
+
 ## [1.17.5] - 2022-04-07
 
 ### Changed
diff --git a/Gemfile.lock b/Gemfile.lock
index 27ed66adf0..f6a8a3303d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -8,60 +8,60 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (6.1.4.7)
-      actionpack (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
+    actioncable (6.1.5.1)
+      actionpack (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.1.4.7)
-      actionpack (= 6.1.4.7)
-      activejob (= 6.1.4.7)
-      activerecord (= 6.1.4.7)
-      activestorage (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
+    actionmailbox (6.1.5.1)
+      actionpack (= 6.1.5.1)
+      activejob (= 6.1.5.1)
+      activerecord (= 6.1.5.1)
+      activestorage (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
       mail (>= 2.7.1)
-    actionmailer (6.1.4.7)
-      actionpack (= 6.1.4.7)
-      actionview (= 6.1.4.7)
-      activejob (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
+    actionmailer (6.1.5.1)
+      actionpack (= 6.1.5.1)
+      actionview (= 6.1.5.1)
+      activejob (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.4.7)
-      actionview (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
+    actionpack (6.1.5.1)
+      actionview (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
       rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.1.4.7)
-      actionpack (= 6.1.4.7)
-      activerecord (= 6.1.4.7)
-      activestorage (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
+    actiontext (6.1.5.1)
+      actionpack (= 6.1.5.1)
+      activerecord (= 6.1.5.1)
+      activestorage (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
       nokogiri (>= 1.8.5)
-    actionview (6.1.4.7)
-      activesupport (= 6.1.4.7)
+    actionview (6.1.5.1)
+      activesupport (= 6.1.5.1)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (6.1.4.7)
-      activesupport (= 6.1.4.7)
+    activejob (6.1.5.1)
+      activesupport (= 6.1.5.1)
       globalid (>= 0.3.6)
-    activemodel (6.1.4.7)
-      activesupport (= 6.1.4.7)
-    activerecord (6.1.4.7)
-      activemodel (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
-    activestorage (6.1.4.7)
-      actionpack (= 6.1.4.7)
-      activejob (= 6.1.4.7)
-      activerecord (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
-      marcel (~> 1.0.0)
+    activemodel (6.1.5.1)
+      activesupport (= 6.1.5.1)
+    activerecord (6.1.5.1)
+      activemodel (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
+    activestorage (6.1.5.1)
+      actionpack (= 6.1.5.1)
+      activejob (= 6.1.5.1)
+      activerecord (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
+      marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (6.1.4.7)
+    activesupport (6.1.5.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -107,7 +107,7 @@ GEM
       rspec (>= 2.14, < 4)
     coderay (1.1.3)
     command_class (0.0.2)
-    concurrent-ruby (1.1.9)
+    concurrent-ruby (1.1.10)
     conjur-api (5.3.8.pre.194)
       activesupport (>= 4.2)
       addressable (~> 2.0)
@@ -252,7 +252,7 @@ GEM
     listen (3.7.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.14.0)
+    loofah (2.16.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
@@ -311,20 +311,20 @@ GEM
     rack-rewrite (1.5.1)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (6.1.4.7)
-      actioncable (= 6.1.4.7)
-      actionmailbox (= 6.1.4.7)
-      actionmailer (= 6.1.4.7)
-      actionpack (= 6.1.4.7)
-      actiontext (= 6.1.4.7)
-      actionview (= 6.1.4.7)
-      activejob (= 6.1.4.7)
-      activemodel (= 6.1.4.7)
-      activerecord (= 6.1.4.7)
-      activestorage (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
+    rails (6.1.5.1)
+      actioncable (= 6.1.5.1)
+      actionmailbox (= 6.1.5.1)
+      actionmailer (= 6.1.5.1)
+      actionpack (= 6.1.5.1)
+      actiontext (= 6.1.5.1)
+      actionview (= 6.1.5.1)
+      activejob (= 6.1.5.1)
+      activemodel (= 6.1.5.1)
+      activerecord (= 6.1.5.1)
+      activestorage (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
       bundler (>= 1.15.0)
-      railties (= 6.1.4.7)
+      railties (= 6.1.5.1)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
@@ -341,11 +341,11 @@ GEM
     rails_layout (1.0.42)
     rails_serve_static_assets (0.0.5)
     rails_stdout_logging (0.0.5)
-    railties (6.1.4.7)
-      actionpack (= 6.1.4.7)
-      activesupport (= 6.1.4.7)
+    railties (6.1.5.1)
+      actionpack (= 6.1.5.1)
+      activesupport (= 6.1.5.1)
       method_source
-      rake (>= 0.13)
+      rake (>= 12.2)
       thor (~> 1.0)
     rainbow (3.0.0)
     rake (13.0.6)
@@ -538,4 +538,4 @@ DEPENDENCIES
   websocket
 
 BUNDLED WITH
-   2.2.31
+   2.2.33
diff --git a/NOTICES.txt b/NOTICES.txt
index c1a8af9cf1..ef8f175dea 100644
--- a/NOTICES.txt
+++ b/NOTICES.txt
@@ -24,7 +24,7 @@ Section 3: BSD-3-Clause
 
 Section 4: MIT
 
->>> https://rubygems.org/gems/activesupport/versions/6.1.4.7
+>>> https://rubygems.org/gems/activesupport/versions/6.1.5.1
 >>> https://rubygems.org/gems/anyway_config/versions/2.2.3
 >>> https://rubygems.org/gems/base58/versions/0.2.3
 >>> https://rubygems.org/gems/bcrypt/versions/3.1.16
@@ -45,7 +45,7 @@ Section 4: MIT
 >>> https://rubygems.org/gems/nokogiri/versions/1.13.4
 >>> https://rubygems.org/gems/openid_connect/versions/1.3.0
 >>> https://rubygems.org/gems/rack-rewrite/versions/1.5.1
->>> https://rubygems.org/gems/rails/versions/6.1.4.7
+>>> https://rubygems.org/gems/rails/versions/6.1.5.1
 >>> https://rubygems.org/gems/rake/versions/13.0.6
 >>> https://rubygems.org/gems/sequel/versions/5.51.0
 >>> https://rubygems.org/gems/sequel-pg_advisory_locking/versions/1.0.1
@@ -247,7 +247,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 MIT License is applicable to the following component(s).
 
->>> https://rubygems.org/gems/activesupport/versions/6.1.4.7
+>>> https://rubygems.org/gems/activesupport/versions/6.1.5.1
 
 Copyright (c) 2005-2018 David Heinemeier Hansson
 
@@ -748,7 +748,7 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
->>> https://rubygems.org/gems/rails/versions/6.1.4.7
+>>> https://rubygems.org/gems/rails/versions/6.1.5.1
 
 Copyright (c) 2005-2018 David Heinemeier Hansson