diff --git a/.github/workflows/codeql-analysis-reusable.yaml b/.github/workflows/codeql-analysis-reusable.yaml
index 217d5e89..f9098932 100644
--- a/.github/workflows/codeql-analysis-reusable.yaml
+++ b/.github/workflows/codeql-analysis-reusable.yaml
@@ -50,7 +50,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683   # 4.2.2
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858    # 3.29.0
+        uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3    # 3.30.3
         with:
           # Also check GitHub Actions
           languages: ${{ inputs.language }}, actions
@@ -71,4 +71,4 @@ jobs:
           clean verify
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858    # 3.29.0
+        uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3    # 3.30.3
diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml
index fa2ea731..b44eda49 100644
--- a/.github/workflows/codeql-analysis.yaml
+++ b/.github/workflows/codeql-analysis.yaml
@@ -46,9 +46,9 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683   # 4.2.2
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858    # 3.29.0
+        uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3    # 3.30.3
         with:
           languages: actions
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858    # 3.29.0
+        uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3    # 3.30.3
diff --git a/.github/workflows/scorecards-analysis-reusable.yaml b/.github/workflows/scorecards-analysis-reusable.yaml
index 8094b6cb..1c33b09f 100644
--- a/.github/workflows/scorecards-analysis-reusable.yaml
+++ b/.github/workflows/scorecards-analysis-reusable.yaml
@@ -60,6 +60,6 @@ jobs:
           retention-days: 5
 
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858    # 3.29.0
+        uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3    # 3.30.3
         with:
           sarif_file: results.sarif
diff --git a/src/changelog/.12.x.x/update_github_codeql_action.xml b/src/changelog/.12.x.x/update_github_codeql_action.xml
new file mode 100644
index 00000000..e5b3b51c
--- /dev/null
+++ b/src/changelog/.12.x.x/update_github_codeql_action.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<entry xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns="https://logging.apache.org/xml/ns"
+       xsi:schemaLocation="https://logging.apache.org/xml/ns https://logging.apache.org/xml/ns/log4j-changelog-0.xsd"
+       type="updated">
+  <issue id="446" link="https://github.com/apache/logging-parent/pull/446"/>
+  <description format="asciidoc">Update `github/codeql-action` to version `3.30.3`</description>
+</entry>