CVE-2021-28789
CVE-2021-28789 affects the unofficial apple/swift-format extension for Visual Studio Code prior to 1.1.2. A crafted apple-swift-format.path workspace configuration can trigger remote code execution when the workspace is opened, enabling an attacker to run arbitrary code. Multiple sources confirm ...