diff --git a/.golangci.yml b/.golangci.yml
index 2ad39c0d8..5a797360e 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -100,6 +100,7 @@ linters:
   enable:
     - asciicheck
     - bodyclose
+    - copyloopvar
     - cyclop
     - dogsled
     - dupl
@@ -108,7 +109,6 @@ linters:
     - errname
     - errorlint
     - exhaustive
-    - exportloopref
     - forcetypeassert
     - gocognit
     - goconst
diff --git a/pkg/action/archive.go b/pkg/action/archive.go
index 8ed76b97f..d9ba6e85b 100644
--- a/pkg/action/archive.go
+++ b/pkg/action/archive.go
@@ -72,9 +72,11 @@ func extractTar(ctx context.Context, d string, f string) error {
 
 	for {
 		header, err := tr.Next()
+
 		if errors.Is(err, io.ErrUnexpectedEOF) || errors.Is(err, io.EOF) {
 			break
 		}
+
 		if err != nil {
 			return fmt.Errorf("failed to read tar header: %w", err)
 		}
@@ -84,6 +86,7 @@ func extractTar(ctx context.Context, d string, f string) error {
 		}
 		target := filepath.Join(d, clean)
 		if header.FileInfo().IsDir() {
+			// #nosec G115
 			if err := os.MkdirAll(target, os.FileMode(header.Mode)); err != nil {
 				return fmt.Errorf("failed to create directory: %w", err)
 			}
@@ -94,6 +97,7 @@ func extractTar(ctx context.Context, d string, f string) error {
 			return fmt.Errorf("failed to create directory for file: %w", err)
 		}
 
+		// #nosec G115
 		f, err := os.OpenFile(target, os.O_RDWR|os.O_CREATE|os.O_TRUNC, os.FileMode(header.Mode))
 		if err != nil {
 			return fmt.Errorf("failed to create file: %w", err)
diff --git a/pkg/action/archive_test.go b/pkg/action/archive_test.go
index 0e535d51a..4765b7c10 100644
--- a/pkg/action/archive_test.go
+++ b/pkg/action/archive_test.go
@@ -38,7 +38,6 @@ func TestExtractionMethod(t *testing.T) {
 	}
 
 	for _, tt := range tests {
-		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			got := extractionMethod(tt.ext)
 			if (got == nil) != (tt.want == nil) {
@@ -72,7 +71,6 @@ func TestExtractionMultiple(t *testing.T) {
 		},
 	}
 	for _, tt := range tests {
-		tt := tt
 		t.Run(tt.path, func(t *testing.T) {
 			t.Parallel()
 			ctx := context.Background()
diff --git a/pkg/action/scan.go b/pkg/action/scan.go
index 5dc0df53e..4ccaaa8a0 100644
--- a/pkg/action/scan.go
+++ b/pkg/action/scan.go
@@ -314,7 +314,6 @@ func recursiveScan(ctx context.Context, c malcontent.Config) (*malcontent.Report
 		var g errgroup.Group
 		g.SetLimit(maxConcurrency)
 		for path := range pc {
-			path := path
 			g.Go(func() error {
 				if isSupportedArchive(path) {
 					return handleArchive(path)