Advisories for Pypi/Django-Filter package

2020

Incorrect Conversion between Numeric Types

django-filter is a generic system for filtering Django QuerySets based on user selections. In django-filter, automatically generated NumberFilter instances, whose value was later converted to an integer, were subject to potential DoS from malicious input using exponential format with sufficiently large exponents. + applies a MaxValueValidator with a default limit_value of 1e50 to the form field used by NumberFilter instances. In addition, NumberFilter implements the new get_max_validator() which should …