High severity7.8NVD Advisory· Published Mar 18, 2021· Updated Jun 17, 2026
CVE-2021-28791
CVE-2021-28791
Description
The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftformat.path configuration value that triggers execution upon opening the workspace.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Visual Studio Code/SwiftFormatdescription
- Range: <1.3.7
Patches
Vulnerability mechanics
References
2- github.com/vknabel/vscode-swiftformat/releases/tag/1.3.7nvdRelease NotesThird Party Advisory
- vuln.ryotak.me/advisories/13nvdThird Party Advisory
News mentions
0No linked articles in our index yet.