diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 15c7842..f741b8d 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -126,7 +126,7 @@ jobs:
       IMAGE: "${{ needs.build.outputs.image }}"
     steps:
     - name: Scan for vulnerabilities
-      uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.20.0 (Trivy v0.51.1)
+      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.20.0 (Trivy v0.51.1)
       with: 
         image-ref: ${{ env.IMAGE }}
         format: cosign-vuln