diff --git a/.github/workflows/reusable-ecr-build-push.yml b/.github/workflows/reusable-ecr-build-push.yml
index 341224e..c223de7 100644
--- a/.github/workflows/reusable-ecr-build-push.yml
+++ b/.github/workflows/reusable-ecr-build-push.yml
@@ -50,7 +50,7 @@ jobs:
 
       - name: Run Trivy vulnerability scanner
         id: trivy
-        uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # v0.20.0
+        uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0
         with:
           image-ref: ${{ secrets.AWS_ACCOUNT_TARGET }}.dkr.ecr.${{ inputs.ecr-repo-aws-region }}.amazonaws.com/${{ inputs.ecr-repo }}:${{ github.sha }}
           format: 'table'