CVE-2025-9118 Overview
A path traversal vulnerability exists in the NPM package installation process of Google Cloud Dataform that allows a remote attacker to read and write files in other customers' repositories via a maliciously crafted package.json file. This vulnerability is classified as CWE-22 (Path Traversal) and enables cross-tenant data access in a multi-tenant cloud environment.
Critical Impact
This vulnerability allows unauthenticated attackers to traverse directory boundaries during NPM package installation, potentially accessing and modifying sensitive data belonging to other cloud customers. The cross-tenant nature of this vulnerability significantly amplifies its severity.
Affected Products
- Google Cloud Dataform
Discovery Timeline
- 2025-08-25 - CVE-2025-9118 published to NVD
- 2025-08-25 - Last updated in NVD database
Technical Details for CVE-2025-9118
Vulnerability Analysis
This path traversal vulnerability resides within the NPM package installation workflow of Google Cloud Dataform. The vulnerability allows attackers to escape intended directory constraints by crafting malicious package.json files that contain path traversal sequences. When processed during package installation, these sequences enable unauthorized file system access beyond the attacker's designated repository boundaries.
The multi-tenant architecture of Google Cloud Dataform means that successful exploitation could provide access to other customers' repositories, creating a severe cross-tenant data breach scenario. Both read and write operations are possible, allowing attackers to exfiltrate sensitive configuration data, source code, or inject malicious content into victim repositories.
Root Cause
The root cause is improper validation and sanitization of file paths during the NPM package installation process. The Dataform service fails to adequately normalize and validate paths specified within package.json files, allowing directory traversal sequences (such as ../) to escape the intended installation directory. This lack of path canonicalization before file operations enables attackers to reference arbitrary locations within the shared file system infrastructure.
Attack Vector
The attack is network-based and requires no authentication or user interaction. An attacker can exploit this vulnerability by:
- Creating a malicious NPM package with a crafted package.json file containing path traversal sequences
- Publishing the malicious package to a registry accessible by the target Dataform environment
- Triggering the package installation process, either directly or by having the malicious package listed as a dependency
- The traversal sequences are processed during installation, granting access to files outside the attacker's repository boundary
The vulnerability mechanism involves the manipulation of file paths within the package.json structure. When Dataform processes these paths during package installation, insufficient path validation allows directory traversal sequences to escape the intended installation directory. This enables both read operations (exfiltrating data from other repositories) and write operations (injecting malicious content). For detailed technical information, refer to the Google Cloud Security Bulletin.
Detection Methods for CVE-2025-9118
Indicators of Compromise
- Unexpected file access patterns in Dataform repository logs showing paths outside normal boundaries
- Presence of package.json files containing path traversal sequences such as ../ or encoded variants
- Unusual NPM package installation activities referencing unknown or suspicious packages
- Repository integrity anomalies including unexpected file modifications or new files in customer repositories
Detection Strategies
- Implement file integrity monitoring on Dataform repository storage to detect unauthorized modifications
- Monitor NPM package installation logs for packages containing path traversal patterns in their metadata
- Deploy cloud audit logging with alerts for cross-repository file access attempts
- Scan package.json files for directory traversal sequences before processing
Monitoring Recommendations
- Enable Google Cloud Audit Logs for all Dataform operations and configure alerts for anomalous file access patterns
- Implement real-time monitoring for file system operations that traverse parent directories
- Configure security information and event management (SIEM) rules to detect path traversal attempt patterns
How to Mitigate CVE-2025-9118
Immediate Actions Required
- Review Google Cloud Security Bulletin GCP-2025-045 for vendor-provided remediation guidance
- Audit existing Dataform repositories for signs of unauthorized access or modification
- Implement strict package allowlisting to control which NPM packages can be installed
- Review repository access logs for any suspicious activity patterns
Patch Information
Google has addressed this vulnerability in their managed service. Refer to the Google Cloud Security Bulletin for specific patch information and remediation steps. As this is a managed cloud service, patches are typically applied by Google automatically, but customers should verify their environments are protected.
Workarounds
- Implement strict network egress controls to limit package registry access to known-safe sources
- Enable additional repository isolation through Google Cloud organizational policies
- Conduct manual review of all package.json files before allowing package installations
- Consider temporarily restricting NPM package installation capabilities until patch confirmation
# Example: Scan for path traversal patterns in package.json files
grep -rn "\.\.\/" ./dataform-project/package*.json
# Example: Audit Cloud Dataform API calls
gcloud logging read 'resource.type="cloud_dataform_repository"' --limit=100 --format=json
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
