Ruby (aka CRuby) before 1.8.7-p357 computes hash values without
restricting the ability to trigger hash collisions predictably,
which allows context-dependent attackers to cause a denial of
service (CPU consumption) via crafted input to an application
that maintains a hash table.