These are all security issues fixed in the flatpak-1.11.3-1.2 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "flatpak-devel": "1.11.3-1.2", "typelib-1_0-Flatpak-1_0": "1.11.3-1.2", "flatpak-zsh-completion": "1.11.3-1.2", "libflatpak0": "1.11.3-1.2", "flatpak": "1.11.3-1.2", "system-user-flatpak": "1.11.3-1.2" } ] }