diff --git a/app/appstate.py b/app/appstate.py
index d9d3842..c998afc 100644
--- a/app/appstate.py
+++ b/app/appstate.py
@@ -467,8 +467,6 @@ class Source:
 Also includes ignored vulnerabilities.
 """
 vulnerabilities = state.vulnerabilities.get(self.name, [])
- for vuln in vulnerabilities:
- vuln.ignored = vuln.id in self.pkgextra.ignore_vulnerabilities
 return sorted(vulnerabilities, key=lambda v: v.sort_key, reverse=True)
 @property
diff --git a/app/fetch/cdx.py b/app/fetch/cdx.py
index f203a14..df94293 100644
--- a/app/fetch/cdx.py
+++ b/app/fetch/cdx.py
@@ -37,10 +37,14 @@ def parse_cdx(data: bytes) -> dict[str, list[Vulnerability]]:
 if version.get("status") == "unaffected" and "version" in version:
 unaffected_versions.append(version["version"])
+ ignored_states = {"resolved", "resolved_with_pedigree", "false_positive", "not_affected"}
+ ignored = "analysis" in vuln and vuln["analysis"].get("state") in ignored_states
+
 return Vulnerability(
 id=vuln["id"],
 url=vuln["source"]["url"],
 severity=severity,
+ ignored=ignored,
 unaffected_versions=unaffected_versions)
 vuln_mapping: dict[str, list[Vulnerability]] = {}
diff --git a/app/pkgextra.py b/app/pkgextra.py
index 6453d80..1e7e3ff 100644
--- a/app/pkgextra.py
+++ b/app/pkgextra.py
@@ -29,9 +29,6 @@ class PkgExtraEntry(BaseModel):
 pgp_keys_url: str | None = Field(default=None)
 """A website containing which keys are used to sign releases"""
- ignore_vulnerabilities: list[str] = Field(default_factory=list)
- """List of CVEs or GHSAs that are either not relevant or not fixable"""
-
 class PkgExtra(BaseModel):
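Review bot: `vuln["analysis"].get("state")` on the new `ignored` line raises AttributeError when the BOM carries `"analysis": null` (valid JSON, and the `"analysis" in vuln` guard does not exclude it), so one malformed entry aborts parsing of the whole document; `analysis = vuln.get("analysis") or {}` followed by `ignored = isinstance(analysis, dict) and analysis.get("state") in IGNORED_STATES` keeps the check total. Separately, this moves the decision to hide a finding from the locally curated `ignore_vulnerabilities` list into the CycloneDX document itself, so whoever can edit or serve that BOM can suppress any vulnerability by tagging it `not_affected` or `false_positive`; if the BOM is fetched from outside the repository, that trust shift deserves a comment above the check such as `# NOTE: suppression is taken from the BOM's own analysis state; only feed BOMs from trusted sources`. The `ignored_states` set literal is also rebuilt for every vulnerability; hoist it to a module-level `IGNORED_STATES` constant. `parse_cdx` starts and ends outside the hunk.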