Xilinx has assessed products in relation to the vulnerability in the Apache Log4j Java logging library described in CVE-2021-44228.
https://nvd.nist.gov/vuln/detail/CVE-2021-44228
The vulnerability risk for Xilinx customers is believed to be very low.