These are all security issues fixed in the curl-8.9.0-1.1 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "libcurl-devel-doc": "8.9.0-1.1", "curl": "8.9.0-1.1", "libcurl-devel": "8.9.0-1.1", "libcurl4": "8.9.0-1.1", "libcurl-devel-32bit": "8.9.0-1.1", "libcurl4-32bit": "8.9.0-1.1", "curl-zsh-completion": "8.9.0-1.1", "curl-fish-completion": "8.9.0-1.1" } ] }