diff --git a/crates/openssl-src/RUSTSEC-0000-0000.md b/crates/openssl-src/RUSTSEC-0000-0000.md new file mode 100644 index 0000000..6721d0f --- /dev/null +++ b/crates/openssl-src/RUSTSEC-0000-0000.md @@ -0,0 +1,27 @@ +```toml +[advisory] +id = "RUSTSEC-0000-0000" +package = "openssl-src" +aliases = ["CVE-2021-23841"] +categories = ["denial-of-service"] +date = "2021-05-01" +url = "https://www.openssl.org/news/secadv/20210216.txt" + +[versions] +patched = [">= 111.14"] +``` + +# Null pointer deref in `X509_issuer_and_serial_hash()` + +The OpenSSL public API function `X509_issuer_and_serial_hash()` attempts to +create a unique hash value based on the issuer and serial number data contained +within an X509 certificate. However it fails to correctly handle any errors +that may occur while parsing the issuer field (which might occur if the issuer +field is maliciously constructed). This may subsequently result in a NULL +pointer deref and a crash leading to a potential denial of service attack. + +The function `X509_issuer_and_serial_hash()` is never directly called by OpenSSL +itself so applications are only vulnerable if they use this function directly +and they use it on certificates that may have been obtained from untrusted +sources. +
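Review bot: the `date` and `url` fields in the `[advisory]` table disagree: `date = "2021-05-01"` while `url = "https://www.openssl.org/news/secadv/20210216.txt"` is OpenSSL's 16 February 2021 advisory for CVE-2021-23841, so the advisory date should probably be `2021-02-16`, or the commit should say why a later date is intended. Two further things worth adding before merge: a `cvss` entry in `[advisory]` so the advisory carries a severity rather than only the `denial-of-service` category, and a check that `patched = [">= 111.14"]` is the first openssl-src release whose bundled OpenSSL contains the upstream fix, since `[versions]` has no `unaffected` range and this single bound is what every dependent crate's lockfile will be matched against.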