openSUSE:Factory/bitwarden depends on lilconfig 2.1.0, which is not affected by the vulnerability considered in this bug. The bug can, therefore, be closed.