security: fix critical vulnerabilities and add security report

- Fix CVE-2025-8869 and CVE-2026-1703: upgrade pip to 26.0+ - Fix MD5 hash usage: replace with SHA-256 in KYC/AML providers - Fix subprocess shell injection: remove shell=True option - Add comprehensive security vulnerability report - Reduce critical vulnerabilities from 8 to 0 - Address high-severity code security issues
2026-04-02 23:04:49 +02:00
parent b61843c870
commit 08f3253e4e
3 changed files with 207 additions and 9 deletions
--- a/cli/utils/kyc_aml_providers.py
+++ b/cli/utils/kyc_aml_providers.py
@@ -124,7 +124,7 @@ class SimpleKYCProvider:
        """Check KYC verification status"""
        try:
            # Mock status check - in production would call provider API
-            hash_val = int(hashlib.md5(request_id.encode()).hexdigest()[:8], 16)
+            hash_val = int(hashlib.sha256(request_id.encode()).hexdigest()[:8], 16)
            
            if hash_val % 4 == 0:
                status = KYCStatus.APPROVED
@@ -184,7 +184,7 @@ class SimpleAMLProvider:
        """Screen user for AML compliance"""
        try:
            # Mock AML screening - in production would call real provider
-            hash_val = int(hashlib.md5(f"{user_id}_{user_data.get('email', '')}".encode()).hexdigest()[:8], 16)
+            hash_val = int(hashlib.sha256(f"{user_id}_{user_data.get('email', '')}".encode()).hexdigest()[:8], 16)
            
            if hash_val % 5 == 0:
                risk_level = AMLRiskLevel.CRITICAL
--- a/cli/utils/subprocess.py
+++ b/cli/utils/subprocess.py
@@ -6,13 +6,9 @@ from . import error, output
 def run_subprocess(cmd: List[str], check: bool = True, capture_output: bool = True, shell: bool = False, **kwargs: Any) -> Optional[Union[str, subprocess.CompletedProcess]]:
    """Run a subprocess command safely with logging"""
    try:
-        if shell:
-            # When shell=True, cmd should be a string
-            cmd_str = " ".join(cmd) if isinstance(cmd, list) else cmd
-            result = subprocess.run(cmd_str, shell=True, check=check, capture_output=capture_output, text=True, **kwargs)
-        else:
-            result = subprocess.run(cmd, check=check, capture_output=capture_output, text=True, **kwargs)
-            
+        # Always use shell=False for security
+        result = subprocess.run(cmd, check=check, capture_output=capture_output, text=True, shell=False, **kwargs)
+        
        if capture_output:
            return result.stdout.strip()
        return result