go is vulnerable to privilege escalation. The vulnerability exists due to a bypass access control that is based on IP addresses that when there are extra zero characters at the beginning of an IP address octet.
defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis
github.com/golang/go/issues/30999
github.com/golang/go/issues/43389
github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md
go-review.googlesource.com/c/go/+/325829/
golang.org/pkg/net/#ParseCIDR
lists.fedoraproject.org/archives/list/[email protected]/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM/
security.gentoo.org/glsa/202208-02
www.oracle.com/security-alerts/cpujan2022.html