CVE-2021-28790

Name of the Vulnerable Software and Affected Versions: Unofficial SwiftLint extension for Visual Studio Code versions prior to 1.4.5

Description: The issue allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftlint.path configuration value that triggers execution upon opening the workspace.

Recommendations: For versions prior to 1.4.5, update to version 1.4.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the swiftlint.path configuration value to minimize the risk of exploitation.