diff --git a/.github/workflows/release-arm.yaml b/.github/workflows/release-arm.yaml
index 27c1b8bb4..5dad25a9a 100644
--- a/.github/workflows/release-arm.yaml
+++ b/.github/workflows/release-arm.yaml
@@ -249,13 +249,13 @@ jobs:
           sudo mv build/*trivy.sarif trivy-sarif/
           sudo mv build/*grype.sarif grype-sarif/
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'trivy-sarif'
           category: ${{ matrix.flavor }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'grype-sarif'
@@ -360,13 +360,13 @@ jobs:
           sudo mv build/*grype.sarif grype-sarif/
       - name: Upload Trivy scan results to GitHub Security tab
         if: startsWith(github.ref, 'refs/tags/')
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         with:
           sarif_file: 'trivy-sarif'
           category: ${{ matrix.flavor }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
         if: startsWith(github.ref, 'refs/tags/')
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         with:
           sarif_file: 'grype-sarif'
           category: ${{ matrix.flavor }}-grype
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 1d999d336..327116268 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -242,13 +242,13 @@ jobs:
           files: |
             release/*
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'trivy-sarif'
           category: ${{ matrix.flavor }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         if: startsWith(github.ref, 'refs/tags/')
         with:
           sarif_file: 'grype-sarif'
diff --git a/.github/workflows/reusable-build-flavor.yaml b/.github/workflows/reusable-build-flavor.yaml
index 1d59f03a2..8efbe2204 100644
--- a/.github/workflows/reusable-build-flavor.yaml
+++ b/.github/workflows/reusable-build-flavor.yaml
@@ -152,13 +152,13 @@ jobs:
           sudo mv *grype.sarif grype-results/
       - name: Upload Trivy scan results to GitHub Security tab
         if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         with:
           sarif_file: 'trivy-results'
           category: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
         if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         with:
           sarif_file: 'grype-results'
           category: ${{ inputs.flavor }}-${{ inputs.flavor_release }}-grype
diff --git a/.github/workflows/reusable-docker-arm-build.yaml b/.github/workflows/reusable-docker-arm-build.yaml
index 4a638129f..cbf33319b 100644
--- a/.github/workflows/reusable-docker-arm-build.yaml
+++ b/.github/workflows/reusable-docker-arm-build.yaml
@@ -164,13 +164,13 @@ jobs:
           sudo mv build/*trivy.sarif trivy-sarif/
           sudo mv build/*grype.sarif grype-sarif/
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         if: startsWith(github.ref, 'refs/tags/v')
         with:
           sarif_file: 'trivy-sarif'
           category: ${{ matrix.flavor }}-trivy
       - name: Upload Grype scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3
+        uses: github/codeql-action/upload-sarif@9278e421667d5d90a2839487a482448c4ec7df4d # v3
         if: startsWith(github.ref, 'refs/tags/v')
         with:
           sarif_file: 'grype-sarif'