diff --git a/pac/tasks/acs-deploy-check.yaml b/pac/tasks/acs-deploy-check.yaml
index 868090a..23d7d2f 100644
--- a/pac/tasks/acs-deploy-check.yaml
+++ b/pac/tasks/acs-deploy-check.yaml
@@ -154,7 +154,7 @@ spec:
         fi
 
     - name: report
-      image: registry.access.redhat.com/ubi8-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c
+      image: registry.access.redhat.com/ubi8-minimal@sha256:d16d4445b1567f29449fba3b6d2bc37db467dc3067d33e940477e55aecdf6e8e
       volumeMounts:
         - name: repository
           mountPath: /workspace/repository
diff --git a/pac/tasks/acs-image-check.yaml b/pac/tasks/acs-image-check.yaml
index 357ddb7..c80b4c7 100644
--- a/pac/tasks/acs-image-check.yaml
+++ b/pac/tasks/acs-image-check.yaml
@@ -53,7 +53,7 @@ spec:
         oc annotate taskrun $(context.taskRun.name) task.output.location=logs
 
     - name: rox-image-check
-      image: registry.access.redhat.com/ubi8-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c
+      image: registry.access.redhat.com/ubi8-minimal@sha256:d16d4445b1567f29449fba3b6d2bc37db467dc3067d33e940477e55aecdf6e8e
       volumeMounts:
         - name: rox-secret
           mountPath: /rox-secret
@@ -121,7 +121,7 @@ spec:
         cp roxctl_image_check_output.json /steps-shared-folder/acs-image-check.json
 
     - name: report
-      image: registry.access.redhat.com/ubi8-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c
+      image: registry.access.redhat.com/ubi8-minimal@sha256:d16d4445b1567f29449fba3b6d2bc37db467dc3067d33e940477e55aecdf6e8e
       volumeMounts:
         - name: shared-folder
           mountPath: /steps-shared-folder
diff --git a/pac/tasks/acs-image-scan.yaml b/pac/tasks/acs-image-scan.yaml
index c4d6146..162439e 100644
--- a/pac/tasks/acs-image-scan.yaml
+++ b/pac/tasks/acs-image-scan.yaml
@@ -60,7 +60,7 @@ spec:
         oc annotate taskrun $(context.taskRun.name) task.output.location=logs
 
     - name: rox-image-scan
-      image: registry.access.redhat.com/ubi8-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c
+      image: registry.access.redhat.com/ubi8-minimal@sha256:d16d4445b1567f29449fba3b6d2bc37db467dc3067d33e940477e55aecdf6e8e
       volumeMounts:
         - name: rox-secret
           mountPath: /rox-secret
@@ -171,7 +171,7 @@ spec:
         set_test_output_result SUCCESS "$note"
 
     - name: report
-      image: registry.access.redhat.com/ubi8-minimal@sha256:7583ca0ea52001562bd81a961da3f75222209e6192e4e413ee226cff97dbd48c
+      image: registry.access.redhat.com/ubi8-minimal@sha256:d16d4445b1567f29449fba3b6d2bc37db467dc3067d33e940477e55aecdf6e8e
       volumeMounts:
         - name: shared-folder
           mountPath: /steps-shared-folder
diff --git a/pac/tasks/buildah-rhtap.yaml b/pac/tasks/buildah-rhtap.yaml
index 91c621e..291afa8 100644
--- a/pac/tasks/buildah-rhtap.yaml
+++ b/pac/tasks/buildah-rhtap.yaml
@@ -65,7 +65,7 @@ spec:
       value: $(params.BUILD_ARGS_FILE)
   steps:
   - name: build
-    image: registry.access.redhat.com/ubi9/buildah@sha256:c62b2318eb4709c216ad25969abae5ff6b56e9879d266b539a46fdfc99e8361e
+    image: registry.access.redhat.com/ubi9/buildah@sha256:27d837f9bc69ad3c3651cf3315e2501b137c11baa553d9d46140e5cf7fa7873a
     args:
       - $(params.BUILD_ARGS[*])
     script: |
@@ -103,6 +103,13 @@ spec:
         --digestfile /tmp/files/image-digest $IMAGE \
         docker://$IMAGE
 
+      # Push the image to a unique tag to avoid race conditions
+      buildah push \
+        --tls-verify="$TLSVERIFY" \
+        --retry=5 \
+        --digestfile /tmp/files/image-digest "$IMAGE" \
+        "docker://${IMAGE%:*}:$(context.taskRun.name)"
+
       # Set task results
       buildah images --format '{{ .Name }}:{{ .Tag }}@{{ .Digest }}' | grep -v $IMAGE > $(results.BASE_IMAGES_DIGESTS.path)
       cat /tmp/files/image-digest | tee $(results.IMAGE_DIGEST.path)
@@ -137,7 +144,7 @@ spec:
       name: tmpfiles
 
   - name: merge-sboms
-    image: registry.access.redhat.com/ubi8/python-311@sha256:ec2f4c89e18373c75a72f5b47da4d3ee826e8961a9c6a26ba2fd3112f5a41e4a
+    image: registry.access.redhat.com/ubi8/python-311@sha256:552046341bbe2e4a0e89be4401403ccd39293ea53a736db2e5ec695bc6d906aa
     env:
       - name: RESULT_PATH
         value: $(results.SBOM_BLOB_URL.path)
diff --git a/pac/tasks/init.yaml b/pac/tasks/init.yaml
index cb7a342..c79edba 100644
--- a/pac/tasks/init.yaml
+++ b/pac/tasks/init.yaml
@@ -25,7 +25,7 @@ spec:
 
   steps:
     - name: init
-      image: registry.access.redhat.com/ubi9/skopeo:9.4-14.1728984400@sha256:891ee232a9319ed0f675c318f9605422bde7436328e7faec7dc896a206a78e54
+      image: registry.access.redhat.com/ubi9/skopeo:9.5-1737537999@sha256:b28469b997a6f7ef996859e8d4f4bd25b964084fc2caac23a9c01b8a53adb1d7
       env:
         - name: IMAGE_URL
           value: $(params.image-url)
@@ -41,7 +41,7 @@ spec:
         echo "Determine if Image Already Exists"
         # Build the image when rebuild is set to true or image does not exist
         # The image check comes last to avoid unnecessary, slow API calls
-        if [ "$REBUILD" == "true" ] || [ "$SKIP_CHECKS" == "false" ] || ! skopeo inspect --raw docker://$IMAGE_URL &>/dev/null; then
+        if [ "$REBUILD" == "true" ] || [ "$SKIP_CHECKS" == "false" ] || ! skopeo inspect --no-tags --raw "docker://$IMAGE_URL" &>/dev/null; then
           echo -n "true" > $(results.build.path)
         else
           echo -n "false" > $(results.build.path)