diff --git a/.github/workflows/release-arm.yaml b/.github/workflows/release-arm.yaml
index fb14f686d..a451b0a54 100644
--- a/.github/workflows/release-arm.yaml
+++ b/.github/workflows/release-arm.yaml
@@ -218,13 +218,13 @@ jobs:
           sudo mv build/*trivy.sarif trivy-sarif/
           sudo mv build/*grype.sarif grype-sarif/
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'trivy-sarif'
           category: ${{ matrix.flavor }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'grype-sarif'
@@ -319,13 +319,13 @@ jobs:
           sudo mv build/*grype.sarif grype-sarif/
       - name: Upload Trivy scan results to GitHub Security tab
         if: startsWith(github.ref, 'refs/tags/')
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         with:
           sarif_file: 'trivy-sarif'
           category: ${{ matrix.flavor }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
         if: startsWith(github.ref, 'refs/tags/')
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         with:
           sarif_file: 'grype-sarif'
           category: ${{ matrix.flavor }}-grype
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index e057fd1a0..c590e8dad 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -212,13 +212,13 @@ jobs:
           files: |
             release/*
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'trivy-sarif'
           category: ${{ matrix.flavor }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'grype-sarif'
diff --git a/.github/workflows/reusable-build-flavor.yaml b/.github/workflows/reusable-build-flavor.yaml
index abc048aa7..69a0eefdb 100644
--- a/.github/workflows/reusable-build-flavor.yaml
+++ b/.github/workflows/reusable-build-flavor.yaml
@@ -143,13 +143,13 @@ jobs:
           sudo mv *grype.sarif grype-results/
       - name: Upload Trivy scan results to GitHub Security tab
         if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         with:
           sarif_file: 'trivy-results'
           category: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
         if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         with:
           sarif_file: 'grype-results'
           category: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-grype
diff --git a/.github/workflows/reusable-docker-arm-build.yaml b/.github/workflows/reusable-docker-arm-build.yaml
index 1334f7283..e49243336 100644
--- a/.github/workflows/reusable-docker-arm-build.yaml
+++ b/.github/workflows/reusable-docker-arm-build.yaml
@@ -155,13 +155,13 @@ jobs:
           sudo mv build/*trivy.sarif trivy-sarif/
           sudo mv build/*grype.sarif grype-sarif/
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         if: startsWith(github.ref, 'refs/tags/v')
         with:
           sarif_file: 'trivy-sarif'
           category: ${{ matrix.flavor }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3
         if: startsWith(github.ref, 'refs/tags/v')
         with:
           sarif_file: 'grype-sarif'