Document the security of tomllib for untrusted input

[opk12]

Documentation

The documentation for tomllib should be explicit on whether untrusted input is safe to parse, or what features should be avoided.

[hukkin]

In PR #96499 json docs added the warning

Warning
Be cautious when parsing JSON data from untrusted sources. A malicious JSON string may cause
the decoder to consume considerable CPU and memory resources. Limiting the size of data to be parsed is
recommended. 

as response to CVE-2020-10735 (cpython issue #95778).

The countermeasures already exist in v3.11.0 where tomllib first appears so it's not vulnerable to that particular threat at least.