diff --git a/crates/bitvec/RUSTSEC-0000-0000.toml b/crates/bitvec/RUSTSEC-0000-0000.toml
new file mode 100644
index 0000000..c33c071
--- /dev/null
+++ b/crates/bitvec/RUSTSEC-0000-0000.toml
@@ -0,0 +1,16 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "bitvec"
+date = "2020-03-27"
+title = "use-after or double free of allocated memory"
+url = "https://github.com/myrrlyn/bitvec/issues/55"
+categories = ["memory-corruption"]
+description = """
+Conversion of `BitVec` to `BitBox` did not account for allocation movement.
+
+The flaw was corrected by using the address after resizing, rather than the original base address.
+"""
+functions = { "bitvec::vec::BitVec::into_boxed_bitslice" = ["< 0.17.4, >= 0.11.0"] }
+[versions]
+patched = [">= 0.17.4"]
+unaffected = ["< 0.11.0"]
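Review bot: The `functions` key is placed inside `[advisory]`, but as far as I know the RustSec advisory format reads affected function paths from an `[affected]` table, so audit tooling may ignore or reject this entry and lose the mapping to `into_boxed_bitslice`. I would add an `[affected]` header line directly before `functions = { ... }` (or write it as an `[affected.functions]` table) and confirm with the repository's advisory linter. The description gives the cause and the fix but not the impact; one sentence stating that any call to `BitVec::into_boxed_bitslice` on the affected versions can lead to a use-after-free or double free would help consumers triage. A blank line before `[versions]` would also match the usual one-blank-line-between-tables layout.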