diff --git a/.github/workflows/score.yaml b/.github/workflows/score.yaml
index 1c700c0..9ca0add 100644
--- a/.github/workflows/score.yaml
+++ b/.github/workflows/score.yaml
@@ -31,6 +31,6 @@ jobs:
           path: results.sarif
           retention-days: 5
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e  # v2.20.0
+        uses: github/codeql-action/upload-sarif@49abf0ba24d0b7953cb586944e918a0b92074c80  # v2.22.4
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 0159a03..87d768a 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -176,6 +176,6 @@ jobs:
         severity: ${{ inputs.scan-severity }}
         exit-code: '1'
     - name: Upload Report
-      uses: github/codeql-action/upload-sarif@6c089f53dd51dc3fc7e599c3cb5356453a52ca9e  # v2.11.6
+      uses: github/codeql-action/upload-sarif@49abf0ba24d0b7953cb586944e918a0b92074c80  # v2.11.6
       with:
         sarif_file: 'trivy-results.sarif'
\ No newline at end of file