diff --git a/.changeset/dependabot-9ec400d.md b/.changeset/dependabot-9ec400d.md
new file mode 100644
index 0000000000000..1fd5a85477c93
--- /dev/null
+++ b/.changeset/dependabot-9ec400d.md
@@ -0,0 +1,5 @@
+---
+'@backstage/plugin-auth-backend': patch
+---
+
+chore(deps): bump `passport` from 0.4.1 to 0.5.2
diff --git a/plugins/auth-backend/package.json b/plugins/auth-backend/package.json
index 799ab4c4148be..5b4e4b22ba355 100644
--- a/plugins/auth-backend/package.json
+++ b/plugins/auth-backend/package.json
@@ -58,7 +58,7 @@
     "node-fetch": "^2.6.1",
     "node-cache": "^5.1.2",
     "openid-client": "^4.2.1",
-    "passport": "^0.4.1",
+    "passport": "^0.5.2",
     "passport-bitbucket-oauth2": "^0.1.2",
     "passport-github2": "^0.1.12",
     "passport-gitlab2": "^5.0.0",
diff --git a/yarn.lock b/yarn.lock
index 88409fb1f9001..f0c650e93581c 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -18832,10 +18832,10 @@ passport-strategy@1.x.x, passport-strategy@^1.0.0:
   resolved "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4"
   integrity sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ=
 
-passport@^0.4.1:
-  version "0.4.1"
-  resolved "https://registry.npmjs.org/passport/-/passport-0.4.1.tgz#941446a21cb92fc688d97a0861c38ce9f738f270"
-  integrity sha512-IxXgZZs8d7uFSt3eqNjM9NQ3g3uQCW5avD8mRNoXV99Yig50vjuaez6dQK2qC0kVWPRTujxY0dWgGfT09adjYg==
+passport@^0.5.2:
+  version "0.5.2"
+  resolved "https://registry.npmjs.org/passport/-/passport-0.5.2.tgz#0cb38dd8a71552c8390dfa6a9a6f7f3909954bcf"
+  integrity sha512-w9n/Ot5I7orGD4y+7V3EFJCQEznE5RxHamUxcqLT2QoJY0f2JdN8GyHonYFvN0Vz+L6lUJfVhrk2aZz2LbuREw==
   dependencies:
     passport-strategy "1.x.x"
     pause "0.0.1"