diff --git a/crates/failure/RUSTSEC-0000-0000.toml b/crates/failure/RUSTSEC-0000-0000.toml
new file mode 100644
index 000000000..4fb31ed3b
--- /dev/null
+++ b/crates/failure/RUSTSEC-0000-0000.toml
@@ -0,0 +1,20 @@
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "failure"
+date = "2019-11-13"
+informational = "unsound"
+title = "Type confusion if __private_get_type_id__ is overriden"
+url = "https://github.com/rust-lang-nursery/failure/issues/336"
+keywords = ["unsound"]
+description = """
+Safe Rust code can implement malfunctioning `__private_get_type_id__` and cause
+type confusion when downcasting, which is an undefined behavior.
+
+Users who derive `Fail` trait are not affected.
+"""
+
+[affected]
+functions = { "failure::Fail::__private_get_type_id__" = [">= 0.1.0"] }
+
+[versions]
+patched = []