feat(cve): commit placeholder
diff --git a/src/cve/2021-38295.rst b/src/cve/2021-38295.rst
new file mode 100644
index 0000000..66ab0fe
--- /dev/null
+++ b/src/cve/2021-38295.rst
@@ -0,0 +1,36 @@
+.. Licensed under the Apache License, Version 2.0 (the "License"); you may not
+.. use this file except in compliance with the License. You may obtain a copy of
+.. the License at
+..
+.. http://www.apache.org/licenses/LICENSE-2.0
+..
+.. Unless required by applicable law or agreed to in writing, software
+.. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+.. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+.. License for the specific language governing permissions and limitations under
+.. the License.
+
+.. _cve/2021-38295:
+
+===========================================================
+CVE-2021-38295: Apache CouchDB TBD
+===========================================================
+
+:Date: TBD
+
+:Affected: 3.1.1 and below
+
+:Severity: Low
+
+:Vendor: The Apache Software Foundation
+
+Description
+===========
+
+We are releasing information about this *low severity* vulnerability
+one week after the accompanying version has been released.
+
+Please check our `online documentation
+<https://docs.couchdb.org/en/stable/cve/index.html>`_ or the `CVE database
+<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38295>`_
+for updates.
