CVE-2022-20465 was patched in the previous GrapheneOS update as part of the included AOSP security patches.
Information about the discovery is posted on the projects Twitter account:
We independently discovered the Android lockscreen bypass fixed in Android's November security update while working on features like a duress PIN/password.
We had an initial patch developed by June 13 but by the time we submitted an upstream bug report, it was a duplicate issue.
A detailed explanation is included in our tweeted thread:
https://twitter.com/GrapheneOS/status/1591306063454031872 | nitter