diff --git a/.github/workflows/docker-scan.yml b/.github/workflows/docker-scan.yml
index c5bb2c0..606a08f 100644
--- a/.github/workflows/docker-scan.yml
+++ b/.github/workflows/docker-scan.yml
@@ -49,7 +49,7 @@ jobs:
           no-cache: true
 
       - name: Docker Scout vulnerability scan
-        uses: docker/scout-action@v1
+        uses: docker/scout-action@v1.18.1
         with:
           command: cves
           image: gitea-mirror:scan
@@ -66,7 +66,7 @@ jobs:
           sarif_file: scout-results.sarif
 
       - name: Docker Scout policy evaluation
-        uses: docker/scout-action@v1
+        uses: docker/scout-action@v1.18.1
         if: always()
         with:
           command: policy