diff --git a/dependency-management/dependency-management-impl/src/main/java/io/cloudslang/dependency/impl/services/utils/UnzipUtil.java b/dependency-management/dependency-management-impl/src/main/java/io/cloudslang/dependency/impl/services/utils/UnzipUtil.java
index be15ad6025..9b61e2326f 100644
--- a/dependency-management/dependency-management-impl/src/main/java/io/cloudslang/dependency/impl/services/utils/UnzipUtil.java
+++ b/dependency-management/dependency-management-impl/src/main/java/io/cloudslang/dependency/impl/services/utils/UnzipUtil.java
@@ -37,7 +37,11 @@ public static void unzipToFolder(String folderPath, InputStream source) {
 if(ze.isDirectory()) {
 new File(mavenHome, ze.getName()).mkdirs();
 } else {
- try (FileOutputStream fos = new FileOutputStream(new File(mavenHome, ze.getName()))) {
+ final File zipEntryFile = new File(mavenHome, ze.getName());
+ if (!zipEntryFile.toPath().normalize().startsWith(mavenHome.toPath().normalize())) {
+ throw new IOException("Bad zip entry");
+ }
+ try (FileOutputStream fos = new FileOutputStream(zipEntryFile)) {
 int len;
 while ((len = zio.read(buffer)) > 0) {
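Review bot: The directory branch still calls `new File(mavenHome, ze.getName()).mkdirs()` without the containment check, so an entry name with `..` segments can still create directories outside `mavenHome`; only the file branch is guarded. Build `zipEntryFile` and run the `startsWith` check above `if(ze.isDirectory())` so both branches share it, and have the directory branch call `zipEntryFile.mkdirs();`. `normalize()` is purely lexical, so if `mavenHome` can be reached through a symlink, comparing `getCanonicalFile()` results would be the stricter test. The body of unzipToFolder starts and continues outside this hunk, so how the `IOException` is handled is not visible here; naming the rejected entry in the message would make it easier to trace in logs.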