Critical Google Cloud Dataform path traversal flaw enables cross-tenant data access
Take action: If you use Google Cloud Dataform, note this vulnerability. No customer-side fix is needed because Google has already patched it, but keep the flaw in mind for vendor evaluation, and review your Dataform repositories for unexpected changes or unknown code that may have been added before August 21, 2025, when the fix was deployed.
Google has patched a critical security vulnerability in Google Cloud Dataform's NPM package installation process that could enable remote, unauthenticated attackers to read from and write to other customers' repositories.
The vulnerability, tracked as CVE-2025-9118 (CVSS score 10.0), is a path traversal flaw in the pathname restrictions applied during the NPM package installation process. A remote attacker could craft a malicious package.json file that causes the installer to read and write files in other customers' repositories, bypassing the multi-tenant isolation boundary.
Google deployed the fix on August 21, 2025, with fixes released to all regions before public disclosure; no customer action is required. The vulnerability was published in Google Cloud Security Bulletin GCP-2025-045 and affected multi-tenant Google Cloud Dataform environments that used the NPM package installation mechanism before that date.
Organizations that used Google Cloud Dataform during the vulnerable period should still monitor their repositories for unexpected changes or unknown code, since the flaw allowed writes to repositories as well as reads.