diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 2d0c8d7a..a9110dda 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -18,7 +18,6 @@ #* SPDX-License-Identifier: Apache-2.0 #******************************************************************************** - name: "KICS" on: diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 45674f98..3b83f9c0 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml 
@@ -1,23 +1,22 @@ -#******************************************************************************* -#* Copyright (c) 2022, 2023 T-Systems International GmbH -#* Copyright (c) 2022, 2023 Contributors to the Eclipse Foundation -#* -#* See the NOTICE file(s) distributed with this work for additional -#* information regarding copyright ownership. -#* -#* This program and the accompanying materials are made available under the -#* terms of the Apache License, Version 2.0 which is available at -#* https://www.apache.org/licenses/LICENSE-2.0. -#* -#* Unless required by applicable law or agreed to in writing, software -#* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -#* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -#* License for the specific language governing permissions and limitations -#* under the License. -#* -#* SPDX-License-Identifier: Apache-2.0 -#******************************************************************************** ---- +################################################################################# +# Copyright (c) 2022,2023 T-Systems International GmbH +# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################ name: "Trivy" on: 
@@ -39,50 +38,17 @@ jobs: security-events: write steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@master - with: - scan-type: "config" - exit-code: "1" - hide-progress: false - format: "sarif" - output: "trivy-results1.sarif" - severity: "CRITICAL,HIGH" - - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 - if: always() - with: - sarif_file: "trivy-results1.sarif" - - analyze-product-autosetup-backend: - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - + - name: Run Trivy vulnerability scanner - if: always() - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@0.12.0 with: # Path to Docker image image-ref: "tractusx/managed-service-orchestrator:latest" format: "sarif" output: "trivy-results.sarif" - exit-code: "1" - severity: "CRITICAL,HIGH" + vuln-type: "os,library" - name: Upload Trivy scan results to GitHub Security tab - if: always() uses: github/codeql-action/upload-sarif@v2 with: sarif_file: "trivy-results.sarif" - diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b3e33e9..dc56da54 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
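Review bot: Dropping `exit-code: "1"` and `severity: "CRITICAL,HIGH"` from the trivy-action step turns the image scan from a blocking gate into an advisory upload — the action defaults to exit code 0, so the job now succeeds whatever the scanner finds, and nothing in the hunk records that this is intended. If advisory-only is the goal, put that above the step, e.g. `# Advisory scan: findings go to the Security tab but do not fail the build`; otherwise keep `exit-code: "1"` with `severity: "CRITICAL,HIGH"` and retain `if: always()` on the upload step so the SARIF still reaches the Security tab when the scan step fails. Pinning `aquasecurity/trivy-action@0.12.0` instead of `@master` is an improvement, but a release tag is still mutable; pin the release's commit SHA and keep the version as a trailing comment (`uses: aquasecurity/trivy-action@<commit-sha-of-0.12.0> # v0.12.0`). In the unchanged context, `image-ref` targets `:latest`, so the scan covers whatever was last pushed to the registry rather than the image built from the commit under test, and the `# Path to Docker image` comment describes an image reference, not a path.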
@@ -5,11 +5,13 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ## [Unreleased] - - The customer already gets an email from Portal and the third-Party-provider after the successful deployment that the SDE-Service is ready to use. If the connector End2End test is unsuccessful (this might be based on the cloud communication issue), the customer will be informed about the failing connectivity. This behavior might need to be clarified for the customer. We will change this behavior in the next release. + -## [1.5.1] - 2023-10-16 +## [1.5.1] - 2023-11-16 ### Changed - Update DT asset creation for oauth secret information + - Updated trivy workflow + - Changed the base image for security issue ## [1.5.0] - 2023-09-04 diff --git a/Dockerfile b/Dockerfile index 6185891e..7be15d1f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -33,7 +33,7 @@ COPY ./src ./src # build for release RUN mvn clean install -Dmaven.test.skip=true -FROM eclipse-temurin:17-jdk-alpine +FROM eclipse-temurin:17.0.8.1_1-jdk ENV USER=autosetupuser ENV UID=1000
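Review bot: `FROM eclipse-temurin:17.0.8.1_1-jdk` pins an exact JDK build but on the image's default (Ubuntu-based) variant, so the stage moves from alpine to a larger base, and the pin holds it at that patch level until someone bumps it by hand. This appears to be the runtime stage (the `ENV USER` / `ENV UID` lines follow the `RUN mvn clean install` build step), so the `-jre` variant of the same version would drop the compiler and tooling a running service does not need — worth confirming the application relies on nothing JDK-only. Pair the version pin with a digest (`FROM eclipse-temurin:17.0.8.1_1-jdk@sha256:<digest-of-that-tag>`) and a Dependabot/Renovate rule for the `docker` ecosystem so the base keeps receiving patches. The CHANGELOG entry says the base image was changed for a security issue; a one-line comment above the `FROM` naming what the alpine image lacked would keep that rationale next to the code.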