diff --git a/trivy/action.yml b/trivy/action.yml
index e96af49..0b38dd0 100644
--- a/trivy/action.yml
+++ b/trivy/action.yml
@@ -17,8 +17,9 @@ runs:
         repository: Consensys/docs-gha
         path: .docs-gha
 
+    # 0.23.0
     - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@0.23.0       
+      uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2       
       with:
         scan-type: 'fs'
         ignore-unfixed: true
@@ -27,6 +28,6 @@ runs:
         severity: 'CRITICAL'
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v3
       with:
         sarif_file: 'trivy-results.sarif'        
\ No newline at end of file