This is a clone of issue OCPBUGS-72556. The following is the description of the original issue:
—
This is a clone of issue OCPBUGS-72411. The following is the description of the original issue:
—
CNO init container creates the mgmt cluster kubeconfig with an IPv4 address in brackets. Golang previously allowed this, but a CVE fix in 1.24.8 made the parsing more strict.

ART recently bumped the golang builder version for 4.20 and later to include this CVE fix which broke hypershift on our conformance tests, which use ART built nightly payloads.

Golang CVE:
https://nvd.nist.gov/vuln/detail/CVE-2025-47912

Example job:
https://prow.ci.openshift.org/view/gs/test-platform-results/logs/periodic-ci-openshift-hypershift-release-4.22-periodics-e2e-aws-ovn-conformance/2008754741730873344

Example CNO log:
https://gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/test-platform-results/logs/periodic-ci-openshift-hypershift-release-4.22-periodics-e2e-aws-ovn-conformance/2009089782130413568/artifacts/e2e-aws-ovn-conformance/dump/artifacts/namespaces/clusters-6d513dc222c92cdc1739/core/pods/logs/cluster-network-operator-86594c97b9-fdmxf-cluster-network-operator-previous.log

Problematic code:
https://github.com/openshift/hypershift/blob/032f0411ef8aea4da1c2b91406e1f984ef2e1baf/control-plane-operator/controllers/hostedcontrolplane/v2/assets/cluster-network-operator/deployment.yaml#L152