diff --git a/.github/workflows/dependency.yml b/.github/workflows/dependency.yml
index cb0f8d2e996..3b682d47cb5 100644
--- a/.github/workflows/dependency.yml
+++ b/.github/workflows/dependency.yml
@@ -18,4 +18,6 @@ jobs:
 - name: "Dependency Review"
 uses: actions/dependency-review-action@v3
 with:
- allow-ghsas: GHSA-xpp3-xrff-w6rh # this refers to a RocksDB vulnerability on an API we do not use.
+ # This is an minor vuln on the rsa crate, used for
+ # google storage.
+ allow-ghsas: GHSA-c38w-74pg-36hr,GHSA-4grx-2x9w-596c
diff --git a/quickwit/deny.toml b/quickwit/deny.toml
index 89df4e19293..0c6c498786b 100644
--- a/quickwit/deny.toml
+++ b/quickwit/deny.toml
@@ -48,7 +48,8 @@ notice = "warn"
 # A list of advisory IDs to ignore. Note that ignored advisories will still
 # output a note when they are encountered.
 ignore = [
- #"RUSTSEC-0000-0000",
+ # TODO Remove me after rsa gets patched and released.
+ "RUSTSEC-2023-0071"
 ]
 # Threshold for security vulnerabilities, any vulnerability with a CVSS score
 # lower than the range specified will be ignored. Note that ignored advisories
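Review bot: The new comment above `allow-ghsas` calls the rsa advisory minor without recording why it does not apply here, and unlike the `deny.toml` hunk in this commit it carries no reminder to remove the allowance. Both IDs appear to be GHSA aliases of RUSTSEC-2023-0071, which as I read it is a timing side channel in the rsa crate's private-key operations, so "minor" depends on whether that code path can be timed by a remote party. "Used for google storage" does not establish that. I would name the advisory and the exit condition, for example `# RUSTSEC-2023-0071 (rsa timing side channel), pulled in for Google Storage; remove once a fixed rsa is released.`, and add a link to the upstream tracking issue. The step and its `with:` block start outside the hunk.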
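Review bot: The `ignore` entry silences RUSTSEC-2023-0071 for every crate checked with this `deny.toml`, not only for the dependency path that motivated it, so a later direct use of rsa would pass the advisory check unnoticed. The TODO also has nothing that will trigger it, neither an issue link nor a fixed version to watch for. If the cargo-deny version in use accepts the table form, `{ id = "RUSTSEC-2023-0071", reason = "rsa pulled in for Google Storage; remove when a fixed rsa is released" }` keeps the justification next to the suppression. Otherwise the comment should name the dependency path and link the upstream issue. The enclosing table starts outside the hunk.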