diff --git a/.github/workflows/pr-scan.yml b/.github/workflows/pr-scan.yml
index c747816d44..f9d30551d0 100644
--- a/.github/workflows/pr-scan.yml
+++ b/.github/workflows/pr-scan.yml
@@ -27,7 +27,7 @@ jobs:
         output: 'trivy-image-results.json'
         severity: 'CRITICAL,HIGH'
     - name: Run Trivy vulnerability scanner on source code
-      uses: aquasecurity/trivy-action@master
+      uses: aquasecurity/trivy-action@0.20.0
       with:
         scan-type: 'fs'
         scan-ref: '.'
@@ -84,4 +84,4 @@ jobs:
             owner: context.repo.owner,
             repo: context.repo.repo,
             body: commentBody
-          });
\ No newline at end of file
+          });