diff --git a/.github/workflows/container-scan.yml b/.github/workflows/container-scan.yml
index 303eb11bc40..15a3307eaa3 100644
--- a/.github/workflows/container-scan.yml
+++ b/.github/workflows/container-scan.yml
@@ -238,7 +238,7 @@ jobs:
         continue-on-error: true
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: "mongo:7.0.0"
+          image-ref: "mongo:7.0.12"
           format: "cyclonedx"
           output: "mongo-trivy-results.sbom.json"
           timeout: "10m0s"
@@ -255,7 +255,7 @@ jobs:
         continue-on-error: true
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: "mongo:7.0.0"
+          image-ref: "mongo:7.0.12"
           format: "sarif"
           output: "trivy-results.sarif"
           timeout: "10m0s"
@@ -281,7 +281,7 @@ jobs:
           # This is where you will need to introduce the Snyk API token created with your Snyk account
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
-          image: mongo:7.0.0
+          image: mongo:7.0.12
           args: --sarif-file-output=snyk-code.sarif
 
         # Replace any "undefined" security severity values with 0. The undefined value is used in the case