CVE 2017-9209
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandl
See the
CVE page on Mitre.org
for more details.