diff --git a/crates/protobuf/RUSTSEC-0000-0000.toml b/crates/protobuf/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..e9400b6
--- /dev/null
+++ b/crates/protobuf/RUSTSEC-0000-0000.toml
@@ -0,0 +1,14 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "protobuf"
+date = "2018-06-08"
+title = "Out of Memory in stream::read_raw_bytes_into()"
+description = """
+Affected versions of this crate called Vec::reserve() on user-supplied input.
+
+This allows an attacker to cause an Out of Memory condition while calling the
+vulnerable method on untrusted data.
+"""
+url = "https://github.com/stepancheg/rust-protobuf/issues/411"
+keywords = ["oom", "panic", "dos"]
+affected_functions = ["stream::read_raw_bytes_into"]
\ No newline at end of file