BugZero | Cisco BugID CSCwt73206 - Vulnerabilities in libjpeg 9f

Cisco - Defect ID: CSCwt73206

Vulnerabilities in libjpeg 9f

Cisco - Defect ID: CSCwt73206

Vulnerabilities in libjpeg 9f

Last updated on April 27th, 2026

BugZero Risk Score
7.6 High

Overall: 7.6

Severity: 8.2

Lifecycle: 7.8

Popularity: 3.7

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Views: 1

Description

Symptom

This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2021-39514 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39514 CVE-2021-39515 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39515 CVE-2021-39516 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39516 CVE-2021-39517 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39517 CVE-2021-39518 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39518 CVE-2021-39519 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39519 CVE-2021-39520 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39520 CVE-2022-37768 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37768 CVE-2022-37769 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37769 CVE-2022-37770 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37770 These bugs were opened proactively to investigate potential security impact(s) on the product. At this time, the product is not confirmed to be affected by any of the CVE(s).

Conditions

Device with default configuration.

Workaround

Not available or not applicable.

Further Problem Description

Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3.1 score. The Base CVSS score as of the time of evaluation is: 7.5 https://tools.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE ID CVE-2021-39514, CVE-2021-39515, CVE-2021-39516, CVE-2021-39517, CVE-2021-39518, CVE-2021-39519, CVE-2021-39520, CVE-2022-37768, CVE-2022-37769, CVE-2022-37770 have been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Change history

2026-04-27 Added: 003.005(000.110), 003.006(000.100)

Relevant Products

Click on a version to see all relevant bugs

Affected versions:003.005(000.110), 003.006(000.100)

Fixed versions: No known fixed versions

Relevant Products

Click on a version to see all relevant bugs

Affected versions:003.005(000.110), 003.006(000.100)

Fixed versions: No known fixed versions

Top Cisco Defects

9.7Defect ID: CSCwt50498
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
9.7Defect ID: CSCvv15096
9200L: SYS-3-CPUHOG: Task is running for (2843)msecs, more than (2000)msecs process = SAUtilReport.
9.7Defect ID: CSCvx82406
Memory leaks in IOS_PRIV_OPER_DB
9.7Defect ID: CSCwj74769
After [non]pairwise key enabling and reboot, bfd ip and port mismatch on device.
9.7Defect ID: CSCvq05584
Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability

Ready to prevent the next vendor outage?

Get a demo

Cisco - Defect ID: CSCwt73206

Vulnerabilities in libjpeg 9f

Cisco - Defect ID: CSCwt73206

Vulnerabilities in libjpeg 9f

Last updated on April 27th, 2026

BugZero Risk Score7.6 High

Bug Details

Symptom

Conditions

Workaround

Further Problem Description

Top Cisco Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
7.6 High