Does CVE-2019-5736 impact CircleCI?
We are investigating this and will make an announcement after we have determined any possible impact. You can contact us at firstname.lastname@example.org for more concerns.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.
CircleCI deploys docker containers that are non-privileged and use host ‘user namespacing’ (via --userns-remap) to isolate the containers from the host OS.
This vulnerability is only applicable to privileged containers that run without the namespacing/pid mapping.