These are all security issues fixed in the python36-Flask-Cors-3.0.10-1.3 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "python36-Flask-Cors": "3.0.10-1.3", "python38-Flask-Cors": "3.0.10-1.3", "python39-Flask-Cors": "3.0.10-1.3" } ] }