The problem is that you have MORONs like SnOracle contributors to OpenJDK which have code which has getnameinfo() and getaddrinfo() in it, but ifdefs it to use gethostbyname and gethostbyaddr instead on Linux.
So instead of having a v4/v6 unified implementation it has a factory which chooses archaic ones using gethost* family functions. All of that while having the correct code inside (it is just ifdef-ed so it is never used on Linux or BSD version >= 6).
So while Cisco may have moved to the proper functions in all of their C code, they still have a raft of products using Java which do not use the proper function because their underlying interpreter (java) does not. Example - last time I checked Webex used java, right? It also uses the java _ON_ the system, not an alternative JDK which may not be vulnerable (not that it is likely - I bet the code in IPv4AddrImpl.c is the same throughout). So do quite a few other products.