diff --git a/requirements/requirements.in b/requirements/requirements.in
index 93b5b4f72e3f..f54094ae72c7 100644
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -40,7 +40,7 @@ pygerduty
 pyparsing
 python3-saml
 python-ldap>=3.3.1 # https://github.com/python-ldap/python-ldap/issues/270
-pyyaml>=5.3.1  # minimum version to pull in new pyyaml for CVE-2017-18342
+pyyaml>=5.4.1  # minimum to fix https://github.com/yaml/pyyaml/issues/478
 schedule==0.6.0
 social-auth-core==3.3.1  # see UPGRADE BLOCKERs
 social-auth-app-django==3.1.0  # see UPGRADE BLOCKERs
diff --git a/requirements/requirements.txt b/requirements/requirements.txt
index a6901fd3efc6..6256afd06164 100644
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -100,7 +100,7 @@ python-string-utils==1.0.0  # via openshift
 python3-openid==3.1.0     # via social-auth-core
 python3-saml==1.9.0       # via -r /awx_devel/requirements/requirements.in
 pytz==2019.3              # via django, irc, tempora, twilio
-pyyaml==5.3.1             # via -r /awx_devel/requirements/requirements.in, ansible-runner, djangorestframework-yaml, kubernetes
+pyyaml==5.4.1             # via -r /awx_devel/requirements/requirements.in, ansible-runner, djangorestframework-yaml, kubernetes
 redis==3.4.1              # via -r /awx_devel/requirements/requirements.in, django-redis
 requests-oauthlib==1.3.0  # via kubernetes, msrest, social-auth-core
 requests==2.23.0          # via -r /awx_devel/requirements/requirements.in, adal, azure-keyvault, django-oauth-toolkit, kubernetes, msrest, requests-oauthlib, slackclient, social-auth-core, twilio