diff --git a/scan/debian.go b/scan/debian.go
index f2bc27fd..75c02e49 100644
--- a/scan/debian.go
+++ b/scan/debian.go
@@ -589,7 +589,7 @@ func (o *debian) getCveIDParsingChangelog(changelog string,
 func (o *debian) parseChangelog(changelog string,
 	packName string, versionOrLater string) (cveIDs []string, err error) {
 
-	cveRe, _ := regexp.Compile(`(CVE-\d{4}-\d{4})`)
+	cveRe, _ := regexp.Compile(`(CVE-\d{4}-\d{4,})`)
 	stopRe, _ := regexp.Compile(fmt.Sprintf(`\(%s\)`, regexp.QuoteMeta(versionOrLater)))
 	stopLineFound := false
 	lines := strings.Split(changelog, "\n")
diff --git a/scan/redhat.go b/scan/redhat.go
index 23e23b91..e44f46c6 100644
--- a/scan/redhat.go
+++ b/scan/redhat.go
@@ -867,7 +867,7 @@ func (o *redhat) parseYumUpdateinfoHeaderAmazon(line string) (a models.DistroAdv
 }
 
 func (o *redhat) parseYumUpdateinfoLineToGetCveIDs(line string) []string {
-	re, _ := regexp.Compile(`(CVE-\d{4}-\d{4})`)
+	re, _ := regexp.Compile(`(CVE-\d{4}-\d{4,})`)
 	return re.FindAllString(line, -1)
 }