CVE-2013-0175
CVE-2013-0175 affects the multi_xml gem (v0.5.2) used by Grape prior to v0.2.6. The vulnerability stems from improper restriction of string casts, allowing remote object-injection and potential code execution, or DoS via nested XML entity refs, leveraging YAML type conversion or Symbol type conve...