diff --git a/components/fabric8-utils/src/main/java/io/fabric8/utils/Zips.java b/components/fabric8-utils/src/main/java/io/fabric8/utils/Zips.java
index 9bbcf00852b..51256f8ee81 100644
--- a/components/fabric8-utils/src/main/java/io/fabric8/utils/Zips.java
+++ b/components/fabric8-utils/src/main/java/io/fabric8/utils/Zips.java
@@ -114,6 +114,15 @@ public static void unzip(InputStream in, File toDir) throws IOException {
                 if (!entry.isDirectory()) {
                     String entryName = entry.getName();
                     File toFile = new File(toDir, entryName);
+                    String fileDestinationFullPath = toFile.getPath();
+                    try{
+                    if (!fileDestinationFullPath.startsWith(toDir.getPath())); throw new IOException("Extracting results to different directory");
+
+                    }catch (IOException e){
+                        System.out.println(e);
+                        System.exit(1);
+                    }
+
                     toFile.getParentFile().mkdirs();
                     OutputStream os = new FileOutputStream(toFile);
                     try {