Smi1E

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18 iPadOS versions prior to 18 watchOS versions prior to 11 macOS Sequoia versions prior to 15 **Description** A privacy issue was addressed by moving sensitive data to a more secure location. An app may be able to access user-sensitive data. **Recommendations** For iOS versions prior to 18, update to iOS 18 to resolve the issue. For iPadOS versions prior to 18, update to iPadOS 18 to resolve the issue. For watchOS versions prior to 11, update to watchOS 11 to resolve the issue. For macOS Sequoia versions prior to 15, update to macOS Sequoia 15 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions prior to 2.4.62 Description: The issue is related to a Server-side Request Forgery (SSRF) vulnerability in the mod rewrite module of the Apache HTTP Server on Windows. This vulnerability can be exploited by a remote attacker to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. The problem is caused by insufficient validation of incoming requests. Recommendations: For versions prior to 2.4.62, upgrade to version 2.4.62, which fixes this issue. As a temporary workaround, consider restricting access to the mod rewrite module to minimize the risk of exploitation.