No, there is not. A major Struts project involves many programmers, and at the time they downloaded the flawed version, nobody knew about the flaw. If the flaw had been known, the version would not have been on the Apache site for download.
Struts is an open-source framework coded by volunteers worldwide. A vulnerability like this is a serious blow against open-source software, and a great embarrassment to the Apache project.
And, and why Open Source shouldn’t be used where security is required.
Major fail of the open source community. Typically they are very good at self policing.
It’s not been good for the last few years, far too many major security flaws in OSS. The whole arguments of “security through transparency” is basically trash at this point (imho). It seems good security practices coupled with “security through obscurity” wins - Apple being a good example, even Microsoft has been far better lately.