diff --git a/.github/workflows/workflow.build.yaml b/.github/workflows/workflow.build.yaml
index cfa794566..d8d621e3c 100644
--- a/.github/workflows/workflow.build.yaml
+++ b/.github/workflows/workflow.build.yaml
@@ -76,11 +76,11 @@ jobs:
       - uses: "actions/checkout@v3"
       - run: "docker pull ghcr.io/socialgouv/docker/${{ inputs.name }}:sha-${{ github.sha }}"
       - name: Run Trivy vulnerability scanner
-        uses: "aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b"
+        uses: "aquasecurity/trivy-action@0f287db5d30aced70dbc7f7d6bb5c8b919114b4c"
         with:
           image-ref: "ghcr.io/socialgouv/docker/${{ inputs.name }}:sha-${{ github.sha }}"
       - name: Export Trivy Results as sarif
-        uses: "aquasecurity/trivy-action@dba83feec810c70bacbc4bead308ae1e466c572b"
+        uses: "aquasecurity/trivy-action@0f287db5d30aced70dbc7f7d6bb5c8b919114b4c"
         with:
           format: template
           image-ref: "ghcr.io/socialgouv/docker/${{ inputs.name }}:sha-${{ github.sha }}"