Enabling certain volume types may leave them open to CVE-2020-8555.
The best method of remediation is to upgrade to a patched version. This is fixed in versions 1.15.12+, 1.16.9+, 1.17.5+, and 1.18.1+. All minor release versions newer are also unaffected. Other potential mitigations would be to use a third party security product such as Gatekeeper, or discontinue the use of affected filesystems: glusterfs, quobyte, storageos, scaleIO.
References:
https://github.com/kubernetes/kubernetes/issues/91542
https://discuss.kubernetes.io/t/security-advisory-cve-2020-8555-half-blind-ssrf-in-kube-controller-manager/11198