Tsiamoulis

**Name of the Vulnerable Software and Affected Versions** Open5GS versions prior to commit 67ba7f92bbd7a378954895d96d9d7b05d5b64615 **Description** Open5GS is susceptible to a NULL pointer dereference when processing a `multipart/related` HTTP POST request with an empty HTTP body sent to the SBI of AMF, AUSF, BSF, NRF, NSSF, PCF, SMF, UDM, or UDR. This issue occurs within the `parse multipart` function located in `lib/sbi/message.c` and can lead to a denial of service. **Recommendations** Update Open5GS to commit 67ba7f92bbd7a378954895d96d9d7b05d5b64615 or a later version.