diff --git a/.github/workflows/workflow.yaml b/.github/workflows/workflow.yaml
index e0d33f0..cd94406 100644
--- a/.github/workflows/workflow.yaml
+++ b/.github/workflows/workflow.yaml
@@ -201,7 +201,7 @@ jobs:
       -
         if: inputs.trivy-enabled && inputs.trivy-summary-enabled
         name: Scan for vulnerabilities (table format)
-        uses: aquasecurity/trivy-action@0.27.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           exit-code: '0'
           hide-progress: false
@@ -226,7 +226,7 @@ jobs:
       -
         if: inputs.trivy-sbom-enabled
         name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph
-        uses: aquasecurity/trivy-action@0.27.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           format: github
           hide-progress: false
@@ -236,7 +236,7 @@ jobs:
       -
         if: inputs.trivy-enabled
         name: Scan for vulnerabilities
-        uses: aquasecurity/trivy-action@0.27.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           exit-code: '0'
           format: json