diff --git a/.grype.yaml b/.grype.yaml
index bd1a2b69b..093965818 100644
--- a/.grype.yaml
+++ b/.grype.yaml
@@ -3,3 +3,4 @@ ignore:
   # see https://github.com/anchore/grype/issues/558
   - vulnerability: CVE-2015-5237
   - vulnerability: CVE-2021-22570
+  - vulnerability: CVE-2024-3154 # https://github.com/opencontainers/runc/issues/4233
diff --git a/.trivyignore b/.trivyignore
index 1b543c066..0b7fcae4b 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,2 +1,4 @@
 # Temp ignore, as 2.36-9+deb12u6 is not yet available in debian
 CVE-2024-2961
+# opencontainers/runc 1.2.0-rc.1 is incompatible with Go 1.22: https://github.com/opencontainers/runc/issues/4233
+CVE-2024-3154