diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index ede09826..61c18329 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -24,7 +24,7 @@ jobs:
 
         run: docker build . --file Dockerfile --tag app:${{ github.sha }}
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # master
+        uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # master
         with:
           image-ref: "app:${{ github.sha }}"
           format: "sarif"