Int/str conversions broken in latest Python bugfix releases

In this case, and most uses of the term “DoS”, it’s referring to the denial to all users through the exhaustion of resources. In this case, tying up the CPU time spent converting input or rendering output, so that CPU time isn’t available to handle other requests.

As to it being hard to come up with an example, that’s true of a lot of vulnerabilities… right up until there’s a known attack.

I was referring to the theoretical logging issue they proposed, which does not appear to be a real issue. Coming up with theoretical examples of other attacks is not the topic of this thread, and if they believe there’s a security issue they should responsibly report it to the security list.