diff --git a/actions/build_docker/action.yml b/actions/build_docker/action.yml
index f3555f8..25a5c54 100644
--- a/actions/build_docker/action.yml
+++ b/actions/build_docker/action.yml
@@ -120,7 +120,7 @@ runs:
     - name: Upload Trivy scan results to GitHub Security tab
       # Do not upload SARIF reports on private repos - GitHub Advanced Security is not enabled
       if: ${{ !cancelled() && fromJSON(inputs.scan) && !github.event.repository.private }} # workaround for composite jobs not being able to pass boolean inputs
-      uses: github/codeql-action/upload-sarif@396bb3e45325a47dd9ef434068033c6d5bb0d11a #v3.27.3
+      uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 #v3.27.5
       with:
         sarif_file: "trivy-results.sarif"
         category: trivy