It’s likely that the hashing algorithm in your favorite language is vulnerable to a denial of service attack. While Perl fixed this forever ago, other languages have been caught with their pants down:

… the flaw affects a long list of technologies, including PHP, ASP.NET, Java, Python, Ruby, Apache Tomcat, Apache Geronimo, Jetty, and Glassfish, as well as Google’s open source JavaScript engine V8. The vendors and developers behind these technologies are working to close the vulnerability, with Microsoft warning of “imminent public release of exploit code” for what is known as a hash collision attack.

There’s already a new release of Ruby that fixes the vulnerability, ruby 1.8.7-p357. Ruby 1.9.x is not vulnerable to this attack.