Podofo · Podofo · CVE-2018-11254
**Name of the Vulnerable Software and Affected Versions**
PoDoFo version 0.9.5
**Description**
An issue was discovered in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp, where there is an excessive recursion. Remote attackers could leverage this to cause a denial of service through a crafted pdf file.
**Recommendations**
For PoDoFo version 0.9.5, consider restricting the use of the `PdfPagesTree::GetPageNode()` function until a patch is available to prevent potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.