I am using Jenkins version 2.320 on Centos 8.3. I find the following file present on the system: /var/cache/jenkins/war/WEB-INF/lib/log4j-over-slf4j-1.7.32.jar
I have performed the Groovy check for plugins which yielded the negative result listed above.
Can you please explain the use of this file in the Jenkins core (given the statement above), and why it is/is not vulnerable to CVE-2021-44228.