The Heartbleed Bug, which is being actively exploited worldwide, affects OpenSSL by allowing attackers to read information that is expected to be encrypted. Critical information such as passwords or secret keys could be leaked if the problem is exploited.
For more information about the Heartbleed bug:
Penn State's Response to the Heartbleed Bug
Updates from Penn State's Security Operations Services