diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index fe246fc7..4ff8a992 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -101,7 +101,7 @@ jobs:
             ${{ steps.meta.outputs.labels }}
 
       - name: Sign api image and attach SBOM attestation
-        uses: adfinis/container-scanning-action@v0.2.11
+        uses: adfinis/container-scanning-action@v0.3.0
         with:
           image-ref: ghcr.io/${{ github.repository }}/api
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -173,7 +173,7 @@ jobs:
             ${{ steps.meta.outputs.labels }}
 
       - name: Sign image and attach SBOM attestation
-        uses: adfinis/container-scanning-action@v0.2.11
+        uses: adfinis/container-scanning-action@v0.3.0
         with:
           image-ref: ghcr.io/${{ github.repository }}/ember
           token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml
index 8c520d5a..feb874cd 100644
--- a/.github/workflows/schedule.yaml
+++ b/.github/workflows/schedule.yaml
@@ -24,7 +24,7 @@ jobs:
       # needed for `cosign attest`
       id-token: write
     steps:
-      - uses: adfinis/container-scanning-action@v0.2.11
+      - uses: adfinis/container-scanning-action@v0.3.0
         with:
           image-ref: ghcr.io/${{ github.repository }}/api
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -47,7 +47,7 @@ jobs:
       # needed for `cosign attest`
       id-token: write
     steps:
-      - uses: adfinis/container-scanning-action@v0.2.11
+      - uses: adfinis/container-scanning-action@v0.3.0
         with:
           image-ref: ghcr.io/${{ github.repository }}/ember
           token: ${{ secrets.GITHUB_TOKEN }}