These are all security issues fixed in the otrs-3.3.16-37.1 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "otrs-itsm": "3.3.14-37.1", "otrs": "3.3.16-37.1", "otrs-doc": "3.3.16-37.1" } ] }