diff --git a/.rubocop_todo/fips/md5.yml b/.rubocop_todo/fips/md5.yml
index 4a1994635b7b99cf151c2c3ede232b002ed11339..af4ceb50038a067f644055cdbf8f0e253a25f50c 100644
--- a/.rubocop_todo/fips/md5.yml
+++ b/.rubocop_todo/fips/md5.yml
@@ -3,7 +3,6 @@ Fips/MD5:
 Exclude:
 - 'app/experiments/application_experiment.rb'
 - 'app/models/concerns/checksummable.rb'
- - 'app/services/gravatar_service.rb'
 - 'app/services/packages/debian/generate_distribution_service.rb'
 - 'app/services/packages/go/create_package_service.rb'
 - 'app/services/packages/maven/metadata/append_package_file_service.rb'
@@ -16,4 +15,3 @@ Fips/MD5:
 - 'spec/lib/gitlab/ci/trace/archive_spec.rb'
 - 'spec/lib/gitlab/ci/trace/remote_checksum_spec.rb'
 - 'spec/models/concerns/checksummable_spec.rb'
- - 'spec/services/gravatar_service_spec.rb'
diff --git a/app/services/gravatar_service.rb b/app/services/gravatar_service.rb
index 9d5990f2c8a5e2fa0e38fd3f9353570d5d1e9571..c9c6fae5cc6b67b4f4fc56efa1c16b62899ea7cc 100644
--- a/app/services/gravatar_service.rb
+++ b/app/services/gravatar_service.rb
@@ -2,13 +2,12 @@ class GravatarService
 def execute(email, size = nil, scale = 2, username: nil)
- return if Gitlab::FIPS.enabled?
 return unless Gitlab::CurrentSettings.gravatar_enabled?
 identifier = email.presence || username.presence
 return unless identifier
- hash = Digest::MD5.hexdigest(identifier.strip.downcase)
+ hash = Digest::SHA256.hexdigest(identifier.strip.downcase)
 size = Groups::GroupMembersHelper::AVATAR_SIZE unless size && size > 0
 sprintf gravatar_url,
diff --git a/doc/administration/libravatar.md b/doc/administration/libravatar.md
index ab5b0160af8b11703da6064be18dfd42c80afe30..5d72e655bd5375b824578790917438d86d19aaab 100644
--- a/doc/administration/libravatar.md
+++ b/doc/administration/libravatar.md
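Review bot: The digest produced at `hash = Digest::SHA256.hexdigest(identifier.strip.downcase)` is interpolated into an administrator-configured URL template (the `%{hash}` placeholder visible in the spec stubs of this diff), so any self-hosted Libravatar or gravatar-compatible service that only resolves MD5 lookups will stop returning avatars once this ships, and nothing in the hunk or the surrounding configuration guards against that. Dropping `return if Gitlab::FIPS.enabled?` means `execute` now runs under FIPS, and the SHA-256 switch is what makes that acceptable, so the hash line deserves a comment before someone "restores" MD5 for compatibility with an old server, e.g. `# SHA-256, not MD5: keeps the lookup usable in FIPS mode; the configured avatar service must resolve SHA-256 hashes`. Whether the public Gravatar/Libravatar endpoints accept SHA-256 lookups is not established by anything in this diff (the updated snapshots assume it), and the libravatar.md hunk removes the MD5-only note without stating the new digest, so the admin doc should say the URL hash is now SHA-256. `execute` continues past the end of the hunk; the `sprintf gravatar_url,` call is cut off.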
@@ -18,13 +18,8 @@ other websites. The Libravatar API is
 switch to the Libravatar avatar service or even your own Libravatar server.
-You cannot use any Libravatar service including Gravatar in [FIPS mode](../development/fips_compliance.md).
 ## Change the Libravatar service to your own service
-NOTE:
-You can use only the MD5 hash in the URL for the Libravatar service. See [issue 370057](https://gitlab.com/gitlab-org/gitlab/-/issues/370057) for adding SHA-256 support.
 In the [`gitlab.yml` gravatar section](https://gitlab.com/gitlab-org/gitlab/-/blob/68dac188ec6b1b03d53365e7579422f44cbe7a1c/config/gitlab.yml.example#L469-476), set the configuration options as follows:
diff --git a/doc/development/fips_compliance.md b/doc/development/fips_compliance.md
index 7acdb8486d4c26832903a25fb317274b2fcbf817..807414b49d939842c18acf1bf6f85d0e19bd193f 100644
--- a/doc/development/fips_compliance.md
+++ b/doc/development/fips_compliance.md
@@ -66,7 +66,6 @@ listed here that also do not work properly in FIPS mode:
 supports a reduced set of [analyzers](../user/application_security/sast/index.md#fips-enabled-images) when operating in FIPS-compliant mode.
 - Advanced search is currently not included in FIPS mode. It must not be enabled to be FIPS-compliant.
-- [Gravatar or Libravatar-based profile images](../administration/libravatar.md) are not FIPS-compliant.
 - [Operational Container Scanning](../user/clusters/agent/vulnerabilities.md).
 Additionally, these package repositories are disabled in FIPS mode:
diff --git a/spec/frontend/releases/__snapshots__/util_spec.js.snap b/spec/frontend/releases/__snapshots__/util_spec.js.snap
index 983db8846c604638e7b2d989c253f8815e87fec7..e517f9569ef993bbc2299a6b1582ad15ab7c06f0 100644
--- a/spec/frontend/releases/__snapshots__/util_spec.js.snap
+++ b/spec/frontend/releases/__snapshots__/util_spec.js.snap
@@ -43,7 +43,7 @@ Object {
 },
 "author": Object {
 "__typename": "UserCore",
- "avatarUrl": "https://www.gravatar.com/avatar/eb329fbfeccd9e6d45ff159da8736876?s=80&d=identicon",
+ "avatarUrl": "https://www.gravatar.com/avatar/47420c558894b028457615db5156a52e6b791b829a6ca611656bb2560f9dbfc3?s=80&d=identicon",
 "id": Any<String>,
 "username": "user1",
 "webUrl": "http://localhost/user1",
@@ -149,7 +149,7 @@ Object {
 },
 "author": Object {
 "__typename": "UserCore",
- "avatarUrl": "https://www.gravatar.com/avatar/eb329fbfeccd9e6d45ff159da8736876?s=80&d=identicon",
+ "avatarUrl": "https://www.gravatar.com/avatar/47420c558894b028457615db5156a52e6b791b829a6ca611656bb2560f9dbfc3?s=80&d=identicon",
 "id": Any<String>,
 "username": "user1",
 "webUrl": "http://localhost/user1",
@@ -386,7 +386,7 @@ Object {
 },
 "author": Object {
 "__typename": "UserCore",
- "avatarUrl": "https://www.gravatar.com/avatar/eb329fbfeccd9e6d45ff159da8736876?s=80&d=identicon",
+ "avatarUrl": "https://www.gravatar.com/avatar/47420c558894b028457615db5156a52e6b791b829a6ca611656bb2560f9dbfc3?s=80&d=identicon",
 "id": Any<String>,
 "username": "user1",
 "webUrl": "http://localhost/user1",
diff --git a/spec/helpers/avatars_helper_spec.rb b/spec/helpers/avatars_helper_spec.rb
index aab63ea0f7075186ef11eb65d46524a25d98346f..88310086cc587ebb65608e07faa1258ecdec76a5 100644
--- a/spec/helpers/avatars_helper_spec.rb
+++ b/spec/helpers/avatars_helper_spec.rb
@@ -225,7 +225,7 @@
 stub_config_setting(https: false)
 expect(helper.gravatar_icon(user_email))
- .to match('https://www.gravatar.com/avatar/b58c6f14d292556214bd64909bcdb118')
+ .to match('https://www.gravatar.com/avatar/0925f997eb0d742678f66d2da134d15d842d57722af5f7605c4785cb5358831b')
 end
 it 'uses HTTPs when configured' do
@@ -239,7 +239,7 @@
 stub_gravatar_setting(plain_url: 'http://example.local/?s=%{size}&hash=%{hash}')
 expect(gravatar_icon(user_email, 20))
- .to eq('http://example.local/?s=40&hash=b58c6f14d292556214bd64909bcdb118')
+ .to eq('http://example.local/?s=40&hash=0925f997eb0d742678f66d2da134d15d842d57722af5f7605c4785cb5358831b')
 end
 it 'accepts a custom size argument' do
@@ -261,12 +261,6 @@
 expect(normal).to eq upcase
 end
 end
-
- context 'with FIPS enabled', :fips_mode do
- it 'returns a generic avatar' do
- expect(helper.gravatar_icon(user_email)).to match_asset_path(described_class::DEFAULT_AVATAR_PATH)
- end
- end
 end
 end
diff --git a/spec/services/gravatar_service_spec.rb b/spec/services/gravatar_service_spec.rb
index 6ccb362cc5c2f1cbecc4cd41d1773c791704fcfd..7fad688d3555ddc431b69dabc6fa997ca1f9050a 100644
--- a/spec/services/gravatar_service_spec.rb
+++ b/spec/services/gravatar_service_spec.rb
@@ -13,7 +13,7 @@
 it 'replaces the placeholders' do
 avatar_url = described_class.new.execute('user@example.com', 100, 2, username: 'user')
- expect(avatar_url).to include("hash=#{Digest::MD5.hexdigest('user@example.com')}")
+ expect(avatar_url).to include("hash=#{Digest::SHA256.hexdigest('user@example.com')}")
 expect(avatar_url).to include("size=200")
 expect(avatar_url).to include("email=user%40example.com")
 expect(avatar_url).to include("username=user")
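Review bot: Deleting the `context 'with FIPS enabled', :fips_mode` block in the `@@ -261,12 +261,6 @@` hunk leaves the FIPS path of `gravatar_icon` with no coverage at all, although the behavioural change this diff makes is precisely that a real Gravatar URL is now returned there instead of `DEFAULT_AVATAR_PATH`. Keep the context and invert its expectation so a later reintroduction of an MD5 lookup or of a FIPS gate is caught, e.g. `context 'with FIPS enabled', :fips_mode do` / `it 'returns a gravatar URL' do` / `expect(helper.gravatar_icon(user_email)).to include('0925f997eb0d742678f66d2da134d15d842d57722af5f7605c4785cb5358831b')`, reusing the digest the two hunks above already pin for `user_email`. The enclosing `describe` blocks open outside the hunk.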
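Review bot: The new expectation `include("hash=#{Digest::SHA256.hexdigest('user@example.com')}")` recomputes the digest with the same call the service makes, so the test cannot tell which algorithm is in use as long as spec and service move together, and because the input is already lowercase and untrimmed the `strip.downcase` normalisation in `execute` is never exercised. Pin the expected value as a literal hex digest instead (`include('hash=<sha256-of-user@example.com>')`, placeholder for the literal) and feed an unnormalised identifier such as `execute('  User@Example.com ', 100, 2, username: 'user')` so the canonicalisation is asserted rather than assumed. Since the FIPS gate was removed from the service in this diff, an `it 'builds a URL in FIPS mode', :fips_mode do` example asserting a non-nil result would also document the new contract; the surrounding `describe` block starts outside the hunk.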