diff --git a/.trivyignore b/.trivyignore
index afd9319e23..4dea0cceee 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -91,3 +91,7 @@ CVE-2021-3711
 # is only available in premium support, trivy thinks we should use something in the 1.1.1
 # line. We can't, due to FIPS compliance, so need to continue to ignore this issue.
 CVE-2023-0286
+
+# Scanners pick up this vulnerability in OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1
+# however we use ruby 3+ in production so we can safely ignore it.
+CVE-2017-14033