diff --git a/.github/workflows/osv-scanner.yaml b/.github/workflows/osv-scanner.yaml
index 587e57e71..e6c1a666f 100644
--- a/.github/workflows/osv-scanner.yaml
+++ b/.github/workflows/osv-scanner.yaml
@@ -78,7 +78,7 @@ jobs:
 
       - name: Run OSV scanner on existing code
         # yamllint disable rule:line-length
-        uses: google/osv-scanner-action/osv-scanner-action@b00f71e051ddddc6e46a193c31c8c0bf283bf9e6 # v2.1.0
+        uses: google/osv-scanner-action/osv-scanner-action@e92b5d07338d4f0ba0981dffed17c48976ca4730 # v2.2.3
         continue-on-error: true
         with:
           scan-args: |-
@@ -96,7 +96,7 @@ jobs:
 
       - name: Run OSV scanner on new code
         # yamllint disable rule:line-length
-        uses: google/osv-scanner-action/osv-scanner-action@b00f71e051ddddc6e46a193c31c8c0bf283bf9e6 # v2.1.0
+        uses: google/osv-scanner-action/osv-scanner-action@e92b5d07338d4f0ba0981dffed17c48976ca4730 # v2.2.3
         continue-on-error: true
         with:
           scan-args: |-
@@ -108,7 +108,7 @@ jobs:
 
       - name: Run the OSV scanner reporter for the job summary page
         # yamllint disable rule:line-length
-        uses: google/osv-scanner-action/osv-reporter-action@b00f71e051ddddc6e46a193c31c8c0bf283bf9e6 # v2.1.0
+        uses: google/osv-scanner-action/osv-reporter-action@e92b5d07338d4f0ba0981dffed17c48976ca4730 # v2.2.3
         with:
           scan-args: |-
             --output=markdown:output.md
@@ -121,7 +121,7 @@ jobs:
 
       - name: Run the OSV scanner reporter for the code-scanning dashboard
         # yamllint disable rule:line-length
-        uses: google/osv-scanner-action/osv-reporter-action@b00f71e051ddddc6e46a193c31c8c0bf283bf9e6 # v2.1.0
+        uses: google/osv-scanner-action/osv-reporter-action@e92b5d07338d4f0ba0981dffed17c48976ca4730 # v2.2.3
         with:
           scan-args: |-
             --output=osv-results.sarif