diff --git a/.github/workflows/trivy-scan-template.yml b/.github/workflows/trivy-scan-template.yml
index d849fc39..1398c5f6 100644
--- a/.github/workflows/trivy-scan-template.yml
+++ b/.github/workflows/trivy-scan-template.yml
@@ -43,10 +43,11 @@ jobs:
         run: mkdir -p ballerina/lib
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.23.0
+        uses: aquasecurity/trivy-action@master
         with:
           scan-type: "rootfs"
-          scan-ref: "/github/workspace/ballerina/lib"
+          scan-ref: "${{ github.workspace }}/ballerina/lib"
           format: "table"
           timeout: "10m0s"
           exit-code: "1"
+          scanners: "vuln"