osv reports pyyaml needs upgrade when it is already upgraded

Hello, I can’t tell is this is because osv is corrupt and y’all can’t do anything about it or if pip-audit can’t do version number comparisons. I’m still learning, but I can’t find a way to skip this.

It only takes one unresolvable false positive and I have to disable a tool like this from the build server. safety has a --ignore switch, does pip-audit have one?

$ pip-audit -s osv
Found 1 known vulnerabilities in 1 packages
Name   Version ID             Fix Versions
------ ------- -------------- ------------
pyyaml 5.4.1   PYSEC-2021-142 5.4

$ pip freeze | grep PyY
PyYAML==5.4.1