diff --git a/CHANGELOG.md b/CHANGELOG.md
index a9b933927..592c1d13e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 ## [Unreleased]
 
+- Updated pip from 24.0 to 24.3.1. ([#1685](https://github.com/heroku/heroku-buildpack-python/pull/1685))
 
 ## [v267] - 2024-11-12
 
diff --git a/lib/cache.sh b/lib/cache.sh
index bacebc999..551b8a87a 100644
--- a/lib/cache.sh
+++ b/lib/cache.sh
@@ -74,9 +74,8 @@ function cache::restore() {
 				cached_pip_version="$(meta_prev_get "pip_version")"
 				# Handle caches written by buildpack versions older than v252 (see above).
 				if [[ -z "${cached_pip_version}" ]]; then
-					# Whilst we don't know the old version, we know the pip version has likely
-					# changed since the last build, and would rather err on the side of caution.
-					# (The pip version was last updated in v246, but will be updated again soon.)
+					# Whilst we don't know the old version, we know the pip version has definitely
+					# changed since buildpack v251.
 					cache_invalidation_reasons+=("The pip version has changed")
 				elif [[ "${cached_pip_version}" != "${PIP_VERSION:?}" ]]; then
 					cache_invalidation_reasons+=("The pip version has changed from ${cached_pip_version} to ${PIP_VERSION}")
diff --git a/requirements/pip.txt b/requirements/pip.txt
index f293eef6f..662f25f21 100644
--- a/requirements/pip.txt
+++ b/requirements/pip.txt
@@ -1 +1 @@
-pip==24.0
+pip==24.3.1
diff --git a/spec/hatchet/pip_spec.rb b/spec/hatchet/pip_spec.rb
index 3f3305366..19fc6d6e0 100644
--- a/spec/hatchet/pip_spec.rb
+++ b/spec/hatchet/pip_spec.rb
@@ -227,6 +227,7 @@
           remote:          Preparing metadata \\(setup.py\\): finished with status 'done'
           remote:        .+
           remote:        Installing collected packages: six, test
+          remote:          DEPRECATION: Legacy editable install of test==0.0.0 from file:///tmp/build_.* \\(setup.py develop\\) is deprecated. pip 25.0 will enforce this behaviour change. A possible replacement is to add a pyproject.toml or enable --use-pep517, and use setuptools >= 64. If the resulting installation is not behaving as expected, try using --config-settings editable_mode=compat. Please consult the setuptools documentation for more information. Discussion can be found at https://github.com/pypa/pip/issues/11457
           remote:          Running setup.py develop for test
         REGEX
       end
@@ -254,7 +255,9 @@
       app.deploy do |app|
         expect(clean_output(app.output)).to include(<<~OUTPUT)
           remote: -----> Installing dependencies using 'pip install -r requirements.txt'
-          remote:        ERROR: Invalid requirement: 'an-invalid-requirement!' (from line 1 of requirements.txt)
+          remote:        ERROR: Invalid requirement: 'an-invalid-requirement!': Expected end or semicolon (after name and no valid version specifier)
+          remote:            an-invalid-requirement!
+          remote:                                  ^ (from line 1 of requirements.txt)
           remote: 
           remote:  !     Error: Unable to install dependencies using pip.
           remote:  !     
diff --git a/spec/hatchet/python_version_spec.rb b/spec/hatchet/python_version_spec.rb
index d566bc752..bf0503806 100644
--- a/spec/hatchet/python_version_spec.rb
+++ b/spec/hatchet/python_version_spec.rb
@@ -52,7 +52,7 @@
       # This test performs an initial build using an older buildpack version, followed
       # by a build using the current version. This ensures that the current buildpack
       # can successfully read the version metadata written to the build cache in the past.
-      let(:buildpacks) { ['https://github.com/heroku/heroku-buildpack-python#v250'] }
+      let(:buildpacks) { ['https://github.com/heroku/heroku-buildpack-python#v257'] }
 
       it 'builds with the same Python version as the last build' do
         app.deploy do |app|
@@ -61,11 +61,11 @@
           app.push!
           expect(clean_output(app.output)).to include(<<~OUTPUT)
             remote: -----> Python app detected
-            remote: -----> No Python version was specified. Using the same version as the last build: Python 3.12.3
+            remote: -----> No Python version was specified. Using the same version as the last build: Python 3.12.6
             remote:        To use a different version, see: https://devcenter.heroku.com/articles/python-runtimes
             remote: -----> Discarding cache since:
-            remote:        - The pip version has changed
-            remote: -----> Installing Python 3.12.3
+            remote:        - The pip version has changed from 24.0 to #{PIP_VERSION}
+            remote: -----> Installing Python 3.12.6
             remote: 
             remote:  !     Warning: A Python security update is available!
             remote:  !     
@@ -74,7 +74,7 @@
             remote: 
             remote: -----> Installing pip #{PIP_VERSION}, setuptools #{SETUPTOOLS_VERSION} and wheel #{WHEEL_VERSION}
           OUTPUT
-          expect(app.run('python -V')).to include('Python 3.12.3')
+          expect(app.run('python -V')).to include('Python 3.12.6')
         end
       end
     end