diff --git a/.github/workflows/container-ci.yml b/.github/workflows/container-ci.yml
index e65382ca1..15442216e 100644
--- a/.github/workflows/container-ci.yml
+++ b/.github/workflows/container-ci.yml
@@ -179,7 +179,7 @@ jobs:
         image: weblate/weblate:test
         fail-build: false
     - name: Upload Anchore Scan Report
-      uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6
+      uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
       with:
         sarif_file: ${{ steps.scan.outputs.sarif }}
 
@@ -228,7 +228,7 @@ jobs:
         severity: CRITICAL,HIGH
 
     - name: Upload Trivy scan results to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6
+      uses: github/codeql-action/upload-sarif@a8d1ac45b9a34d11fe398d5503176af0d06b303e # v3.30.7
       with:
         sarif_file: trivy-results.sarif
     - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2