On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive.
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-79058.json"