diff --git a/.github/workflows/vulnerabilities.yml b/.github/workflows/vulnerabilities.yml
index 3252252..d8ac519 100644
--- a/.github/workflows/vulnerabilities.yml
+++ b/.github/workflows/vulnerabilities.yml
@@ -22,7 +22,7 @@ jobs:
         working-directory: .
     steps:
     - name: Checkout pygeoapi
-      uses: actions/checkout@v4
+      uses: actions/checkout@master
     - name: Scan vulnerabilities with trivy
       uses: aquasecurity/trivy-action@master
       with:
@@ -37,6 +37,9 @@ jobs:
         docker buildx build -t ${{ github.repository }}:${{ github.sha }} --platform linux/amd64 --no-cache -f Dockerfile .
     - name: Scan locally built Docker image for vulnerabilities with trivy
       uses: aquasecurity/trivy-action@master
+      env:
+        TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
+        TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
       with:
         scan-type: image
         exit-code: 1