diff --git a/.github/workflows/build-tag-release.yaml b/.github/workflows/build-tag-release.yaml
index c9fe177..da03b5b 100644
--- a/.github/workflows/build-tag-release.yaml
+++ b/.github/workflows/build-tag-release.yaml
@@ -119,14 +119,14 @@ jobs:
           push-to-registry: true
 
       - name: Generate SPDX SBOM
-        uses: anchore/sbom-action@fbfd9c6c189226748411491745178e0c2017392d # v0.20.10
+        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
         with:
           image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.changed.outcome == 'success' && steps.version.outputs.new_tag || github.ref_name }}
           format: spdx-json
           output-file: ./sbom.spdx.json
 
       - name: Generate CycloneDX SBOM
-        uses: anchore/sbom-action@fbfd9c6c189226748411491745178e0c2017392d # v0.20.10
+        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
         with:
           image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.changed.outcome == 'success' && steps.version.outputs.new_tag || github.ref_name }}
           format: cyclonedx-json