A null pointer dereference in src/amf/namf-handler.c in Open5GS 2.3.6 and earlier allows remote attackers to Denial of Service via a crafted sbi request to amf.
https://github.com/open5gs/open5gs/issues/1247
https://github.com/open5gs/open5gs/commit/d919b2744cd05abae043490f0a3dd1946c1ccb8c