The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document. The issue is fixed in PoDoFo version 0.9.7.