https://bugzilla.redhat.com/show_bug.cgi?id=1775293
--- Comment #40 from Jason Shepherd jshepherd@redhat.com --- Statement:
Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.
Red Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.