diff --git a/.github/workflows/fossology-check.yml b/.github/workflows/fossology-check.yml
index a968c230..df38b50c 100644
--- a/.github/workflows/fossology-check.yml
+++ b/.github/workflows/fossology-check.yml
@@ -21,7 +21,7 @@ jobs:
             -e GITHUB_ACTIONS=true \
             fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo nomos ojo copyright keyword
       # Upload artifact
-      - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
+      - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b
         with:
           name: scan-fossology-report
           path: ./results
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index ef8c1f46..24a9dc00 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -64,7 +64,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b
         with:
           name: SARIF file
           path: results.sarif