Is RouterOS Affected by CVE-2024-6387?

Approximately the entirety of The Cloud. How else do you suppose all those zillions of remote Linux boxes are managed?


I mean SSH1 as that is what OpenSSH was based on?

Completely incorrect, but off-topic, so I won’t chase it further here. Instead, read this, then realize that Red Hat is the second-most conservative platform OpenSSH is deployed on, after Windows. (Yes, Microsoft has been shipping a version of OpenSSH since 2015, one doubtless lacking SSH-1 support.) Everywhere else, SSH-1 has been irrelevant for so long there are probably people who are mid-career without ever having encountered it.


Secure shell over HTTP/3 connections

The exploit in question isn’t against the protocol; it’s against the handling of a timeout signal in the privileged code. If all they do to support this is strap an unpatched OpenSSH server to an HTTP/3 proxy, it will have the same vulnerability.
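To illustrate the last reply's point that the flaw lives in timeout signal handling rather than in the protocol, here is an added example (not from the thread and not OpenSSH code) of a login grace timer whose SIGALRM handler only sets a flag, with logging and cleanup deferred to normal context, which is the pattern that avoids calling non-async-signal-safe functions from a handler. The names `wait_for_auth`, `on_grace_alarm` and `GRACE_EXPIRED` are hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/time.h>
#include <unistd.h>

#define GRACE_EXPIRED (-2)

/* The only state the handler touches; writing a sig_atomic_t is async-signal-safe. */
static volatile sig_atomic_t grace_expired;

/* Handler records the event and returns: no logging, no malloc/free, no stdio. */
static void on_grace_alarm(int signo) { (void)signo; grace_expired = 1; }

/* Wait up to grace_ms (> 0) for the peer to send data on fd.
 * Returns bytes read, 0 on EOF, -1 on error, GRACE_EXPIRED on timeout. */
int wait_for_auth(int fd, long grace_ms, char *buf, size_t len)
{
    struct sigaction sa, old;
    /* Re-fire every 10 ms after expiry so a signal that lands just before
     * read() is entered cannot leave the call blocked forever. */
    struct itimerval on = {{0, 10000}, {grace_ms / 1000, (grace_ms % 1000) * 1000}};
    struct itimerval off = {{0, 0}, {0, 0}};
    ssize_t n;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_grace_alarm;  /* no SA_RESTART: read() fails with EINTR */
    sigemptyset(&sa.sa_mask);
    grace_expired = 0;
    if (sigaction(SIGALRM, &sa, &old) < 0) return -1;
    if (setitimer(ITIMER_REAL, &on, NULL) < 0) { sigaction(SIGALRM, &old, NULL); return -1; }

    do {
        n = read(fd, buf, len);
    } while (n < 0 && errno == EINTR && !grace_expired);

    setitimer(ITIMER_REAL, &off, NULL);
    sigaction(SIGALRM, &old, NULL);

    if (n < 0 && grace_expired) {
        /* Back in normal context: logging and cleanup are safe here. */
        fprintf(stderr, "no authentication within %ld ms, closing\n", grace_ms);
        return GRACE_EXPIRED;
    }
    return (int)n;
}
```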