diff --git a/go.mod b/go.mod
index 7911ac572..538ea3fac 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/anchore/syft
 
-go 1.22.8
+go 1.22.9
 
 require (
 	github.com/CycloneDX/cyclonedx-go v0.9.1
@@ -17,7 +17,7 @@ require (
 	github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04
 	github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b
 	github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f
-	github.com/anchore/stereoscope v0.0.6-0.20241101185849-cbd43fb4e5d3
+	github.com/anchore/stereoscope v0.0.8
 	github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be
 	// we are hinting brotli to latest due to warning when installing archiver v3:
 	// go: warning: github.com/andybalholm/brotli@v1.0.1: retracted by module author: occasional panics and data corruption
diff --git a/go.sum b/go.sum
index 9a05d0a6c..7ac244e1e 100644
--- a/go.sum
+++ b/go.sum
@@ -115,8 +115,8 @@ github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b h1:e1bmaoJfZV
 github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E=
 github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f h1:dAQPIrQ3a5PBqZeZ+B9NGZsGmodk4NO9OjDIsQmQyQM=
 github.com/anchore/packageurl-go v0.1.1-0.20241018175412-5c22e6360c4f/go.mod h1:KoYIv7tdP5+CC9VGkeZV4/vGCKsY55VvoG+5dadg4YI=
-github.com/anchore/stereoscope v0.0.6-0.20241101185849-cbd43fb4e5d3 h1:T1LMkKwzSg1s8+xylq51xroPoo83Nt3zQPvdRRDB9Bw=
-github.com/anchore/stereoscope v0.0.6-0.20241101185849-cbd43fb4e5d3/go.mod h1:jgLIzIwEkfMhjhKmuzaSEeU2/vFCqlO3XTrSeSLfOaM=
+github.com/anchore/stereoscope v0.0.8 h1:ma8A7SnM5WWU0HJ2p6YBq7myN7zKa0JnUQOY/4enekk=
+github.com/anchore/stereoscope v0.0.8/go.mod h1:o1eDg6BZwORU6nh4vRe3C2ZmAmmH+MWRLNl55uAF/v8=
 github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
 github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
 github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=