diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5577c7f84..b8be6aeee 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+### Fixed
+
+- cherry-pick: Add `--locked` flag to `cargo install` commands for reproducible builds ([#1044]).
+
+[#1044]: https://github.com/stackabletech/docker-images/pull/1044
+
 ## [24.3.0] - 2024-03-20
 
 ### Added
diff --git a/ubi8-rust-builder/Dockerfile b/ubi8-rust-builder/Dockerfile
index e7d73e448..806d257bf 100644
--- a/ubi8-rust-builder/Dockerfile
+++ b/ubi8-rust-builder/Dockerfile
@@ -26,7 +26,7 @@ WORKDIR /
 # property in operator-templating/repositories.yaml
 # hadolint ignore=SC1091
 RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain 1.76.0 \
- && . "$HOME/.cargo/env" && cargo install cargo-cyclonedx@0.4.0 cargo-auditable@0.6.1
+ && . "$HOME/.cargo/env" && cargo install --locked cargo-cyclonedx@0.4.0 cargo-auditable@0.6.1
 
 # Build artifacts will be available in /app.
 RUN mkdir /app