diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml
index d5bfdfc..576e1c6 100644
--- a/.github/workflows/prod.yml
+++ b/.github/workflows/prod.yml
@@ -113,6 +113,7 @@ jobs:
 - name: Check security vulnerabilities for BW
 uses: aquasecurity/trivy-action@master
 with:
+ vuln-type: os
 image-ref: 10.20.1.1:5000/bw-tests:latest
 format: table
 exit-code: 1
@@ -122,6 +123,7 @@ jobs:
 - name: Check security vulnerabilities for autoconf
 uses: aquasecurity/trivy-action@master
 with:
+ vuln-type: os
 image-ref: 10.20.1.1:5000/bw-autoconf-tests:latest
 format: table
 exit-code: 1
@@ -131,6 +133,7 @@ jobs:
 - name: Check security vulnerabilities for UI
 uses: aquasecurity/trivy-action@master
 with:
+ vuln-type: os
 image-ref: 10.20.1.1:5000/bw-ui-tests:latest
 format: table
 exit-code: 1
diff --git a/Dockerfile b/Dockerfile
index f7d9e50..6bf0ca2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -72,6 +72,9 @@ RUN apk add --no-cache bash python3 libgcc libstdc++ openssl git && \
 ln -s /proc/1/fd/1 /var/log/nginx/jobs.log && \
 ln -s /proc/1/fd/1 /var/log/letsencrypt/letsencrypt.log
+# Fix CVE-2022-27405 and CVE-2022-27406
+RUN apk add "freetype>=2.10.4-r3"
+
 VOLUME /data
 EXPOSE 8080/tcp 8443/tcp
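Review bot: Setting `vuln-type: os` in the three Trivy steps of `.github/workflows/prod.yml` (BW, autoconf and UI) takes language-package findings out of the gate, because the action's default is `os,library`. With `exit-code: 1` the job would then pass even if a language-level dependency in the image (for example a Python package, given that the Dockerfile installs python3) has a known vulnerability. If the aim is to accept specific library findings, keeping the default and listing those IDs in a `.trivyignore` file preserves the remaining coverage; otherwise record the decision above each key, e.g. `# OS packages only; library findings tracked in <placeholder: issue link>`. Separately, the context line `uses: aquasecurity/trivy-action@master` follows a mutable branch, so pinning it to a reviewed commit SHA would keep the scanner itself from changing underneath the gate. Each `with:` block continues past the end of its hunk, so other scan settings may exist that are not visible here.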
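Review bot: The added `RUN apk add "freetype>=2.10.4-r3"` in `Dockerfile` omits `--no-cache`, unlike the `RUN apk add --no-cache ...` shown in the hunk header. Without that flag apk resolves against a locally stored package index, so the step either fails when no index is present or installs from whatever possibly stale index an earlier layer left behind; which of the two applies depends on layers outside this hunk. Suggest `RUN apk add --no-cache "freetype>=2.10.4-r3"`. The version floor is also a standing constraint, so the comment could say when it can go, e.g. `# Fix CVE-2022-27405 and CVE-2022-27406; drop once the base image ships freetype >= 2.10.4-r3`.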