diff --git a/crates/hyper/RUSTSEC-0000-0000.md b/crates/hyper/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000..d17227c
--- /dev/null
+++ b/crates/hyper/RUSTSEC-0000-0000.md
@@ -0,0 +1,20 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "hyper"
+date = "2021-07-07"
+url = "https://github.com/hyperium/hyper/security/advisories/GHSA-f3pg-qwvg-p99c"
+keywords = ["parsing", "http"]
+aliases = ["CVE-2021-32715", "GHSA-f3pg-qwvg-p99c"]
+
+[versions]
+patched = [">= 0.14.10"]
+```
+
+# Lenient `hyper` header parsing of `Content-Length` could allow request smuggling
+
+`hyper`'s HTTP header parser accepted, according to RFC 7230, illegal contents inside `Content-Length` headers.
+Due to this, upstream HTTP proxies that ignore the the header may still forward them along if it chooses to ignore the error.
+
+To be vulnerable, `hyper` must be used as an HTTP/1 server and using an HTTP proxy upstream that ignores the header's contents
+but still forwards it. Due to all the factors that must line up, an attack exploiting this vulnerablity is unlikely.