diff --git a/scripts/build_docker.sh b/scripts/build_docker.sh
index 66c21b361afaa..e9217d1edcbff 100755
--- a/scripts/build_docker.sh
+++ b/scripts/build_docker.sh
@@ -154,14 +154,14 @@ if [[ "$push" == 1 ]]; then
 fi
 
 log "--- Generating SBOM for Docker image ($image_tag)"
-syft "$image_tag" -o spdx-json >"${image_tag}.spdx.json"
+syft "$image_tag" -o spdx-json >"${image_tag//:/_}.spdx.json"
 
 if [[ "$push" == 1 ]]; then
 	log "--- Attesting SBOM to Docker image for $arch ($image_tag)"
 	COSIGN_EXPERIMENTAL=1 cosign clean "$image_tag"
 
 	COSIGN_EXPERIMENTAL=1 cosign attest --type spdxjson \
-		--predicate "${image_tag}.spdx.json" \
+		--predicate "${image_tag//:/_}.spdx.json" \
 		--yes \
 		"$image_tag"
 fi