Qpdf · Qpdf · CVE-2018-9918
**Name of the Vulnerable Software and Affected Versions**
QPDF versions prior to 8.0.3
**Description**
The issue allows remote attackers to cause a denial of service (stack exhaustion) due to the mishandling of certain dictionary key cases. This is related to the `QPDFObjectHandle` and `QPDF Dictionary` classes, where nesting in direct objects is not restricted.
**Recommendations**
For versions prior to 8.0.3, update to version 8.0.3 or later to resolve the issue.