diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index 732b1b7..4b471cd 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -50,7 +50,7 @@ jobs:
         run: safety check --json || true
 
       - name: Trivy vulnerability scan
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.31.0
         with:
           scan-type: 'fs'
           scan-ref: '.'