On October 25, 2022, the OpenSSL Project announced that a critical vulnerability will be fixed in OpenSSL version 3.0.7, which would be released on Tuesday, November 1, 2022.
It has been clarified that this vulnerability only applies to OpenSSL versions 3.0.0 to 3.0.6 and not OpenSSL versions 1.0.2 and 1.1.1.
As of November 1, 2022, the OpenSSL Project has downgraded this vulnerability from critical to high as detailed here.
Spreedly's Security team has been actively involved in investigating and updates on actions taken are posted here.