Arbitrary Command Injection
Affecting github.com/kubernetes/kubernetes/pkg/util/mount package, versions >=1.9.0 <1.9.10 || >=1.10.0 <1.10.6 || >=1.11.0 <1.11.2
github.com/kubernetes/kubernetes/pkg/util/mount is a Production-Grade Container Scheduling and Management.
Affected versions of this package are vulnerable to Arbitrary Command Injection. User input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection.
github.com/kubernetes/kubernetes/pkg/util/mount to version 1.9.10, 1.10.6, 1.11.2 or higher.
Do your applications use this vulnerable package?