diff --git a/api/poetry.lock b/api/poetry.lock
index 82c8d3717..36f383ae4 100644
--- a/api/poetry.lock
+++ b/api/poetry.lock
@@ -221,11 +221,11 @@ uvloop = ["uvloop (>=0.15.2)"]
 
 [[package]]
 name = "bleach"
-version = "3.3.1"
+version = "4.1.0"
 description = "An easy safelist-based HTML-sanitizing tool."
 category = "main"
 optional = false
-python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
+python-versions = ">=3.6"
 
 [package.dependencies]
 packaging = "*"
@@ -2077,7 +2077,7 @@ testing = ["coverage (>=5.0.3)", "zope.event", "zope.testing"]
 [metadata]
 lock-version = "1.1"
 python-versions = "^3.7"
-content-hash = "e966e3314f8c4f8ce2231aa16711e578d18188f587b07f5b14a95f5105b7e217"
+content-hash = "5cf7a0de4bd215aa7cad85a3936f045d1b452000eaa92587ddfc12b7568ccc87"
 
 [metadata.files]
 aiohttp = [
@@ -2239,8 +2239,8 @@ black = [
     {file = "black-22.1.0.tar.gz", hash = "sha256:a7c0192d35635f6fc1174be575cb7915e92e5dd629ee79fdaf0dcfa41a80afb5"},
 ]
 bleach = [
-    {file = "bleach-3.3.1-py2.py3-none-any.whl", hash = "sha256:ae976d7174bba988c0b632def82fdc94235756edfb14e6558a9c5be555c9fb78"},
-    {file = "bleach-3.3.1.tar.gz", hash = "sha256:306483a5a9795474160ad57fce3ddd1b50551e981eed8e15a582d34cef28aafa"},
+    {file = "bleach-4.1.0-py2.py3-none-any.whl", hash = "sha256:4d2651ab93271d1129ac9cbc679f524565cc8a1b791909c4a51eac4446a15994"},
+    {file = "bleach-4.1.0.tar.gz", hash = "sha256:0900d8b37eba61a802ee40ac0061f8c2b5dee29c1927dd1d233e075ebf5a71da"},
 ]
 boto3 = [
     {file = "boto3-1.20.46-py3-none-any.whl", hash = "sha256:a2ffce001160d7e7c72a90c3084700d50eb64ea4a3aae8afe21566971d1fd611"},
diff --git a/api/pyproject.toml b/api/pyproject.toml
index 810d99cc2..0e20c7f36 100644
--- a/api/pyproject.toml
+++ b/api/pyproject.toml
@@ -49,7 +49,7 @@ django-cacheops = "==6.0"
 service-identity = "==21.1.0"
 click = "==8.0.3"
 Markdown = "==3.3.6"
-bleach = "==3.3.1"
+bleach = "==4.1.0"
 feedparser = "==6.0.8"
 watchdog = "==2.1.6"
 asgiref = "==3.5.0" #1516