The latest published avatoon release on npm receives security updates.
If you discover a security vulnerability, please do not open a public issue.
Instead, report it privately by emailing khaledalam.net@gmail.com with:
- A description of the issue and its potential impact
- Steps to reproduce (a minimal reproduction is appreciated)
- Any suggested remediation, if known
You can expect an initial response within a few business days. Once the issue is confirmed, a fix will be prepared and released, and credit will be given to the reporter unless anonymity is requested.
Thank you for helping keep Avatoon and its users safe.