https://bugzilla.redhat.com/show_bug.cgi?id=1737517
--- Comment #6 from Jason Shepherd jshepherd@redhat.com --- Statement:
While OpenShift Container Platform's elasticsearch plugins do ship the vulnerable component, it doesn't do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.