These are all security issues fixed in the owasp-modsecurity-crs-3.3.5-1.1 package on the GA media of openSUSE Tumbleweed.