diff --git a/actions/build_docker/action.yml b/actions/build_docker/action.yml
index 51c6f1a..91fdc39 100644
--- a/actions/build_docker/action.yml
+++ b/actions/build_docker/action.yml
@@ -123,7 +123,7 @@ runs:
     - name: Upload Trivy scan results to GitHub Security tab
       # Do not upload SARIF reports on private repos - GitHub Advanced Security is not enabled
       if: ${{ !cancelled() && fromJSON(inputs.scan) && !github.event.repository.private }} # workaround for composite jobs not being able to pass boolean inputs
-      uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 #v3.28.0
+      uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d #v3.28.10
       with:
         sarif_file: "trivy-results.sarif"
         category: trivy