diff --git a/.github/workflows/release-container.yaml b/.github/workflows/release-container.yaml
index fd8f28c..b48cbb1 100644
--- a/.github/workflows/release-container.yaml
+++ b/.github/workflows/release-container.yaml
@@ -140,7 +140,7 @@ jobs:
           DOCKER_CONTENT_TRUST: 1
             
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.29.0
         env:
           TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
           TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
@@ -152,7 +152,7 @@ jobs:
           output: 'trivy.json'
 
       - name: Convert trivy results to sarif
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -201,7 +201,7 @@ jobs:
           TAGS: ${{ steps.meta.outputs.tags }}
 
       - name: Convert trivy results to CycloneDX
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -217,7 +217,7 @@ jobs:
         if: github.event_name != 'pull_request' && startsWith(github.event.ref, 'refs/tags/v')
 
       - name: Convert trivy results to cosign-vuln
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
diff --git a/.github/workflows/schedule-trivy.yaml b/.github/workflows/schedule-trivy.yaml
index 667347b..10a85ae 100644
--- a/.github/workflows/schedule-trivy.yaml
+++ b/.github/workflows/schedule-trivy.yaml
@@ -35,7 +35,7 @@ jobs:
         uses: sigstore/cosign-installer@v3.7.0
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.29.0
         env:
           TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
           TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
@@ -49,7 +49,7 @@ jobs:
           output: 'trivy.json'
 
       - name: Convert trivy results to sarif
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -67,7 +67,7 @@ jobs:
           sarif_file: 'trivy.sarif'
 
       - name: Convert trivy results to cosign-vuln
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: trivy.json
           scan-type: 'convert'