diff --git a/action.yml b/action.yml
index 40d484b..e33747d 100644
--- a/action.yml
+++ b/action.yml
@@ -23,6 +23,10 @@ inputs:
 description: Fail if a vulnerability is rated above or equal. [negligible,low,medium,high,critical]
 required: false
 default: "high"
+ onlyFixed:
+ description: Fails if a vulnerability is above failOn and fixed only
+ required: false
+ default: "true"
 runs:
 using: docker
diff --git a/entrypoint.sh b/entrypoint.sh
index 849dfa4..61b10af 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -5,6 +5,7 @@ INPUT_IMAGE_PREFIX=$imagePrefix
 INPUT_CONFIG_PATH=$config
 INPUT_PLATFORM=$platform
 INPUT_FAIL_ON=$failOn
+INPUT_ONLY_FIXED=$onlyFixed
 set -e
@@ -25,6 +26,10 @@ fi;
 GRYPE_OPTIONS=("-v" "--by-cve" "--show-suppressed")
+if [ "$INPUT_ONLY_FIXED" == "true" ]; then
+ GRYPE_OPTIONS+=("--only-fixed")
+fi
+
 if [ -n "$INPUT_CONFIG_PATH" ] && [ -f "$INPUT_CONFIG_PATH" ]; then
 GRYPE_OPTIONS+=("--config" "$INPUT_CONFIG_PATH")
 fi
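Review bot: Defaulting the new `onlyFixed` input to `"true"` changes what the action does for every existing caller: the entrypoint.sh hunk shows grype previously ran without `--only-fixed`, so a finding with no available fix could fail the build, whereas with this default it is silently excluded unless the workflow opts back in. A default that narrows the set of findings a scan fails on deserves to be opt-in (`default: "false"`) or at least an explicit release note, since pipelines that were red yesterday may turn green with no change to the image. The description is also hard to parse as written; suggest `description: When "true", only vulnerabilities with a fix available count towards the failOn threshold (passes --only-fixed to grype).`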
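Review bot: The new guard in the second entrypoint.sh hunk only recognises the literal string `true`, so a workflow that passes `True`, `TRUE` or `1` falls through silently and grype runs without `--only-fixed` while the author believes unfixed findings are being filtered out; the opposite mistake at least fails loudly. `==` inside `[ ]` is also a bash-only extension, though the file already depends on bash (`set -e`, array `+=`), so a `case` on the lower-cased value that accepts true/false and rejects anything else would be both portable within that assumption and explicit about bad input. `${var,,}` needs bash 4+, which I assume the Docker image provides — worth confirming.
```shell
GRYPE_OPTIONS=("-v" "--by-cve" "--show-suppressed")

# Accept true/false in any case; fail loudly on anything else rather than
# silently scanning with a different filter than the caller intended.
case "${INPUT_ONLY_FIXED,,}" in
  true)     GRYPE_OPTIONS+=("--only-fixed") ;;
  false|"") ;;
  *) echo "onlyFixed must be 'true' or 'false', got '$INPUT_ONLY_FIXED'" >&2; exit 1 ;;
esac

# … unchanged: --config handling …
```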