diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt
index 7d955bd4..9d022799 100644
--- a/src/requirements-dev.txt
+++ b/src/requirements-dev.txt
@@ -59,7 +59,9 @@ colorama==0.4.6
 colorful==0.5.5
     # via ray
 coverage[toml]==7.3.2
-    # via pytest-cov
+    # via
+    #   coverage
+    #   pytest-cov
 cryptography==42.0.4
     # via -r requirements.txt
 defusedxml==0.7.1
@@ -119,7 +121,7 @@ gunicorn==20.1.0
     # via -r requirements.txt
 identify==2.5.32
     # via pre-commit
-idna==3.6
+idna==3.7
     # via
     #   -r requirements.txt
     #   requests
diff --git a/src/requirements.in b/src/requirements.in
index 01179100..af81daea 100644
--- a/src/requirements.in
+++ b/src/requirements.in
@@ -16,6 +16,7 @@ scos_tekrsa @ git+https://github.com/NTIA/scos-tekrsa@6.0.0
 # The following are sub-dependencies for which SCOS Sensor enforces a
 # higher minimum patch version than the dependencies which require them.
 # This is done to ensure the inclusion of specific security patches.
+idna>=3.7             # CVE-2024-3651
 pyyaml>=5.4.0         # CVE-2020-14343
 grpcio>=1.53.0        # CVE-2023-32732, CVE-2023-32731, CVE-2023-1428
 urllib3>=1.26.18      # CVE-2023-45803
diff --git a/src/requirements.txt b/src/requirements.txt
index 363648b3..09783e0b 100644
--- a/src/requirements.txt
+++ b/src/requirements.txt
@@ -59,8 +59,10 @@ grpcio==1.59.3
     #   ray
 gunicorn==20.1.0
     # via -r requirements.in
-idna==3.6
-    # via requests
+idna==3.7
+    # via
+    #   -r requirements.in
+    #   requests
 importlib-resources==6.1.1
     # via
     #   jsonschema