diff --git a/.trivyignore b/.trivyignore
index 5791edabfa4..4e9d4d134c3 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,28 +1 @@
-# emicklei/go-restful - Authorization Bypass Through User-Controlled Key
-# This should be fixed in v2's 2.16.0, although talks were undergoing about why this still shows up as an issue.
-# https://github.com/emicklei/go-restful/pull/503
-CVE-2022-1996
-
-# These CVEs only impacts install of Gloo-Edge from Glooctl CLI.
-# Also Helm module is used in testing, which has no impact on exploitation.
-# Gloo-Edge data and control planes are not impacted at all by the helm module.
-# Glooctl is not a long running program, and does not affect future uses of Glooctl.
-# https://github.com/solo-io/gloo/issues/7598
-# https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r
-CVE-2022-23524
-# https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q
-CVE-2022-23525
-# https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33
-CVE-2022-23526
-
-# https://nvd.nist.gov/vuln/detail/CVE-2022-41721
-# Ignore this vulnerability; it does not affect the gateway-proxy image.
-# No handlers exposed by the control plane fall victim to this attack
-# because we do not use the maxBytesHandler
-CVE-2022-41721
-
-# https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw
-# This CVE has not yet been patched in the kubectl version we are using, however it should not
-# affect us as kubernetes does not use the affected code path (see description in
-# https://github.com/kubernetes/kubernetes/pull/118036).
-CVE-2023-2253
\ No newline at end of file
+# This file is only meaningful in the `main` branch
\ No newline at end of file
diff --git a/changelog/v1.15.29/clear-trivyignore.yaml b/changelog/v1.15.29/clear-trivyignore.yaml
new file mode 100644
index 00000000000..a8e53fe306b
--- /dev/null
+++ b/changelog/v1.15.29/clear-trivyignore.yaml
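Review bot: The replacement comment on the new side says the file is "only meaningful in the `main` branch" but does not say why, so anyone running trivy locally against this release branch will see the previously suppressed findings reappear with no pointer to their documented justifications. I would make the comment self-explanatory and name where the suppressions now live, e.g. `# Security scans read .trivyignore from the main branch only; suppressions and their justifications are maintained there.`. The deleted lines were the justification records for the ignored CVEs, and those survive only if the main-branch file still carries them, which this diff cannot show.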
@@ -0,0 +1,5 @@
+changelog:
+ - type: NON_USER_FACING
+ description: >-
+ Remove contents of `.trivyignore` file to avoid confusion, as only the main branch `.trivyignore` file is used in security scans.
+ skipCI-kube-tests:true