Running a script to detect log4j vulnerabilities

Hi-

I am trying to run a script to detect log4j vulnerabilities I got from Red Hat. The file is 'cve-2021-44228--2022-01-10-1242.sh'. Not really knowing where log4j gets installed I want to run it from the root /. It has an option called SCANPATH and wants this to be an absolute path. I use this command:
bash cve-2021-44228--2022-01-10-1242.sh --scan / --tmp /home/alan/Downloads . It obviously doesn't like this path '/' as it is calling it a canonical name. What am I missing?
Or are there specific directories I should be searching utilizing this script? Every time I run the script it puts a report directory in the tmp directory I specify and I need to empty it each time I run the script on a different directory.

?
..ar