Revert "bundle update rexml due to CVE" and ignore CVE
This reverts commit 1c4bce6a.
This CVE only regards DoS and initial analysis does not show any vulnerability to us. As deployments are suffereing problems due to the updated strscan
gem dependency we are postponing this fix.
Edited by Michael Prilop