I’m really worried about this vulnerability in Ubuntu, but do I have this library on my system?

My webserver is running a couple of node expressjs frameworks over nginx, plus a geoserver .

I did an update on the machine today with sudo apt update && sudo apt upgradeubuntu-advantage-toolsopenssl and libssl1.1.

My java version is: openjdk version "1.8.0_292" OpenJDK Runtime Environment (build 1.8.0_292-8u292-b10-0ubuntu1~18.04-b10) OpenJDK 64-Bit Server VM (build 25.292-b10, mixed mode)

The geoserver is version 2.13.0, and it appears to be the only software that uses log4j. My geoserver is the platform-independent binary version (not Tomcat), and it appears to utilize jetty as its webserver.

How can I tell if I have log4j and what version I have?

Askify Moderator Edited question April 15, 2023