diff --git a/trivy-image-scan/action.yml b/trivy-image-scan/action.yml
index 2822ae6..2a1c577 100644
--- a/trivy-image-scan/action.yml
+++ b/trivy-image-scan/action.yml
@@ -119,13 +119,13 @@ runs:
         TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v3
       if: (success() || failure()) && inputs.output-mode == 'github' && steps.output.outputs.TRIVY_OUTPUT != '' && inputs.category == ''
       with:
         sarif_file: ${{ steps.output.outputs.TRIVY_OUTPUT }}
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@v3
       if: (success() || failure()) && inputs.output-mode == 'github' && steps.output.outputs.TRIVY_OUTPUT != '' && inputs.category != ''
       with:
         sarif_file: ${{ steps.output.outputs.TRIVY_OUTPUT }}