CVE-2022-21657
A flaw was found in envoy. This issue occurs when it does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, and only to those certificates that contain the necessary extendedKeyUsage id-kp-serverAuth and id-kp-clientAuth, respectively...