diff --git a/crates/qcell/RUSTSEC-0000-0000.md b/crates/qcell/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000..cee6629
--- /dev/null
+++ b/crates/qcell/RUSTSEC-0000-0000.md
@@ -0,0 +1,26 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "qcell"
+date = "2022-01-24"
+url = "https://github.com/uazu/qcell/issues/20"
+informational = "unsound"
+keywords = ["unsound"]
+
+[versions]
+patched = [">= 0.4.3"]
+
+```
+
+# A malicious coder can get unsound access to TCell or TLCell memory
+
+This is impossible to do by accident, but by carefully constructing
+marker types to be covariant, a malicious coder can cheat the
+singleton check in `TCellOwner` and `TLCellOwner`, giving unsound
+access to cell memory. This could take the form of getting two
+mutable references to the same memory, or a mutable reference and an
+immutable reference.
+
+The fix is for the crate to internally force the marker type to be
+invariant. This blocks the conversion between covariant types which
+Rust normally allows.