High severity7.8NVD Advisory· Published Mar 18, 2021· Updated Jun 17, 2026
CVE-2021-28790
CVE-2021-28790
Description
The unofficial SwiftLint extension before 1.4.5 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftlint.path configuration value that triggers execution upon opening the workspace.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Visual Studio Code/SwiftLintdescription
- Range: <1.4.5
- Range: <1.4.5
Patches
Vulnerability mechanics
References
2- github.com/vknabel/vscode-swiftlint/releases/tag/1.4.5nvdRelease NotesThird Party Advisory
- vuln.ryotak.me/advisories/12nvdThird Party Advisory
News mentions
0No linked articles in our index yet.