Bento4 is an open source C library for reading and writing MP4 files. Bento4 version 1.6.0-639 suffers from a denial-of-service vulnerability that stems from excessive memory consumption in the AP4_Array <AP4_ElstEntry>::EnsureCapacity function in Core/Ap4Array.h. An attacker could exploit the vulnerability to cause a denial-of-service attack.