diff --git a/.github/workflows/main-vulnerability-scan.yml b/.github/workflows/main-vulnerability-scan.yml
index eb696cb..5dff6e1 100644
--- a/.github/workflows/main-vulnerability-scan.yml
+++ b/.github/workflows/main-vulnerability-scan.yml
@@ -41,7 +41,7 @@ jobs:
         run: docker pull ${{ steps.image-tag.outputs.image-tag }}
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@v0.35.0
         with:
           image-ref: '${{ steps.image-tag.outputs.image-tag }}'
           format: sarif
@@ -55,7 +55,7 @@ jobs:
           sarif_file: 'trivy-results.sarif'
 
       - name: Run Trivy vulnerability scanner (table output)
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@v0.35.0
         with:
           image-ref: '${{ steps.image-tag.outputs.image-tag }}'
           format: table