Posted by ErmanArslansOracleBlog on Dec 13, 2021; 9:31am
URL: http://erman-arslan-s-oracle-forum.124.s1.nabble.com/Apache-log4j-tp10503p10504.html

If you are asking about log4j vulnerability, my answer is yes.. EBS is affected.
Follow the case from the following MOS doc ->

Apache Log4j Security Alert CVE-2021-44228 Products and Versions (Doc ID 2827611.1)

EBS listed in "Oracle products with patches pending".. So there is no patch available yet, but Oracle is working on it.