diff --git a/crates/beef/RUSTSEC-0000-0000.md b/crates/beef/RUSTSEC-0000-0000.md new file mode 100644 index 000000000..077970eb1 --- /dev/null +++ b/crates/beef/RUSTSEC-0000-0000.md @@ -0,0 +1,19 @@ +```toml +[advisory] +id = "RUSTSEC-0000-0000" +package = "beef" +date = "2020-10-28" +url = "https://github.com/maciejhirsz/beef/issues/37" +categories = ["memory-corruption", "thread-safety"] + +[versions] +patched = [">= 0.5.0"] +``` + +# beef::Cow lacks a Sync bound on its Send trait allowing for data races + +Affected versions of this crate did not have a `T: Sync` bound in the `Send` impl for `Cow<'_, T, U>`. This allows users to create data races by making `Cow` contain types that are (Send && !Sync) like `Cell<_>` or `RefCell<_>`. + +Such data races can lead to memory corruption. + +The flaw was corrected in commit d1c7658 by adding trait bounds `T: Sync` and `T::Owned: Send` to the `Send` impl for `Cow<'_, T, U>`.
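Review bot: the heading says the bound is missing "on its Send trait", but the body describes a missing bound in the `Send` impl for `Cow<'_, T, U>`; rewording it to something like "beef::Cow lacks a Sync bound on its Send impl, allowing data races" would make the two agree. The first paragraph names only the missing `T: Sync` bound, while the last paragraph says the fix added both `T: Sync` and `T::Owned: Send`, so the description should state whether the absent `T::Owned: Send` bound was part of the flaw as well. The fix is cited only by the abbreviated hash d1c7658; a full commit link next to the issue URL would let readers check it against `patched = [">= 0.5.0"]`.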