Security issues

Applications sees IPv4 mapped address
it cannot know if:
it is IPv4 peer (due to RFC2553)
it is IPv6 peer (IPv6 native packet/SIIT)

Various attacks possible
confuse access control (::ffff:127.0.0.1)
pretend to be insider (::ffff:10.0.0.1)
traffic reflection/inflation/anonymization
echo to ::ffff:10.255.255.255 -> 10.255.255.255

Not just a firewall issue
Complex combination attack possible
example - use routing header to bypass packet filters