On Thursday, June 5th, a new OpenSSL vulnerability (CCS Injection Vulnerability) was announced. After its announcement, we reviewed the severity and impact to Globus services, partner services and users. Soon thereafter, we posted details in our support forum, with continuing updates as we learn more. Overall, our assessment for the severity of the impact for this issue is low. The forum post does include some precautionary actions we recommend for administrators of Globus endpoints, and for Globus Toolkit services.
If you have any concerns about this issue, please contact our support team.