diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index 7c1414c..893ea0c 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -173,11 +173,12 @@ jobs:
         uses: aquasecurity/trivy-action@0.23.0
         with:
           image-ref: ${{ steps.build-and-push.outputs.imageid }}
-          format: 'sarif'
           exit-code: '1'
           ignore-unfixed: true
-          vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH'
+          format: "sarif"
+          output: "trivy-results.sarif"
+          severity: "MEDIUM,HIGH,CRITICAL"
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Code Scanning
         if: ${{ always() && !cancelled() && steps.scan.outcome == 'success' || steps.scan.outcome == 'failure' }}