I think openSUSE Leap 15.5 does include Forgejo version. Newest release 9.0.2 have changed to google-awt 5.2.1 which should not be affected with this CVE.