diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index 15579962..014b18ab 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -33,6 +33,6 @@ jobs:
         output: 'trivy-results.sarif'
         ignore-unfixed: true
         severity: 'HIGH,CRITICAL'
-    - uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
+    - uses: github/codeql-action/upload-sarif@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0
       with:
         sarif_file: 'trivy-results.sarif'