It was discovered that the REXML parser, part of the interpreter for the
Ruby language, could be coerced into allocating large string objects that
could consume all available memory on the system. This could allow remote
attackers to cause a denial of service (crash).