diff --git a/package/exiv2/exiv2.mk b/package/exiv2/exiv2.mk
index ee96a1c2c8..5ca16c4747 100644
--- a/package/exiv2/exiv2.mk
+++ b/package/exiv2/exiv2.mk
@@ -10,6 +10,11 @@ EXIV2_INSTALL_STAGING = YES
 EXIV2_LICENSE = GPL-2.0+, BSD-3-Clause
 EXIV2_LICENSE_FILES = COPYING COPYING-CMAKE-SCRIPTS
 
+# CVE-2019-13504 is misclassified (by our CVE tracker) as affecting version
+# 0.27.2, while in fact both commits that fixed this issue are already in this
+# version.
+EXIV2_IGNORE_CVES += CVE-2019-13504
+
 # 0001-crwimage-Check-offset-and-size-against-total-size.patch
 EXIV2_IGNORE_CVES += CVE-2019-17402