| Version | Supported |
|---|---|
| 0.1.x | ✅ |
If you discover a security vulnerability in this project, please report it responsibly.
Please do NOT open a public GitHub issue for security vulnerabilities.
Instead, please report them via GitHub's private vulnerability reporting:
- Go to the Security Advisories page
- Click "Report a vulnerability"
- Fill in the details
Alternatively, email psirt@nvidia.com with:
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Any potential impact
- Acknowledgment: within 3 business days
- Initial assessment: within 10 business days
- Fix timeline: depends on severity, typically within 30-90 days
This project provides mock GPU infrastructure for testing. It does not handle real GPU workloads or sensitive data. However, we take security of our CI/CD pipelines, container images, and supply chain seriously.
Areas of particular interest:
- Container image vulnerabilities
- GitHub Actions workflow security
- Supply chain integrity (dependencies, build process)
- Helm chart security (RBAC, privileges)