diff --git a/.github/workflows/commit.yaml b/.github/workflows/commit.yaml
index 8ce7e96..b58f5c0 100644
--- a/.github/workflows/commit.yaml
+++ b/.github/workflows/commit.yaml
@@ -90,7 +90,7 @@ jobs:
 
       - name: Scan OCI image Syft SBOM with Grype
         id: scan
-        uses: anchore/scan-action@84aa2c1d0eba986ed2274869c27f1e35a625449f # v3.3.3
+        uses: anchore/scan-action@4be3c24559b430723e51858969965e163b196957 # v3.3.5
         continue-on-error: true
         with:
           sbom: ${{ github.event.repository.name }}-${{ matrix.os }}-syft-sbom.spdx.json
diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml
index c451095..2a5118a 100644
--- a/.github/workflows/pull-request.yaml
+++ b/.github/workflows/pull-request.yaml
@@ -79,7 +79,7 @@ jobs:
 
       - name: Scan OCI image Syft SBOM with Grype
         id: scan
-        uses: anchore/scan-action@84aa2c1d0eba986ed2274869c27f1e35a625449f # v3.3.3
+        uses: anchore/scan-action@4be3c24559b430723e51858969965e163b196957 # v3.3.5
         with:
           sbom: ${{ github.event.repository.name }}-${{ matrix.os }}-syft-sbom.spdx.json
           severity-cutoff: medium
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 694242f..ecf3b68 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -94,7 +94,7 @@ jobs:
 
       - name: Scan OCI image Syft SBOM with Grype
         id: scan
-        uses: anchore/scan-action@84aa2c1d0eba986ed2274869c27f1e35a625449f # v3.3.3
+        uses: anchore/scan-action@4be3c24559b430723e51858969965e163b196957 # v3.3.5
         continue-on-error: true
         with:
           sbom: ${{ github.event.repository.name }}-${{ matrix.os }}-syft-sbom.spdx.json