Heartbleed


If you have not yet heard about the Internet bug in OpenSSL called "Heartbleed", you need to google that word ASAP and learn about this latest online security threat to hit the news.
gz3827

Response by mapman

I am not totally familiar with the details of OpenSSL implementations out there today, but OpenSSL is an Open Source technology, meaning it is openly developed by a consortium of various developers and companies. Open source works well to help establish open technical standards that are not proprietary and can be adapted by many from many sources. Open Source and security are really not two words that can inherently be used together, due to the inherent nature of open source being "open" as opposed to "secure".

However, most commercial applications of Open Source technologies are done using versions of the Open Source technology that are fully supported for their use by a real business/company with skin in the game to make sure the product works as intended and is successful. I suspect that is the case with OpenSSL as well, and I would expect those versions would inherently be more secure than their pure open source relatives.

However, open source implementations tend to be free, though less reliable and secure, so there is incentive for some sites/applications/companies looking to go on the cheap to use them, even if doing that with a product related to security might be as effective as hiring an 85 year old grandma as your security guard.

So it is a concern but I would expect most any reputable company to use a more robust implementation and not the free open source one.