diff --git a/gxcompress/src/main/java/com/genexus/compression/CompressionUtils.java b/gxcompress/src/main/java/com/genexus/compression/CompressionUtils.java index 85aff8520..7deebfc66 100644 --- a/gxcompress/src/main/java/com/genexus/compression/CompressionUtils.java +++ b/gxcompress/src/main/java/com/genexus/compression/CompressionUtils.java @@ -9,6 +9,8 @@ import java.io.IOException; import java.io.RandomAccessFile; import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; import java.util.Enumeration; import java.util.jar.JarEntry; import java.util.jar.JarFile; @@ -304,4 +306,13 @@ private static boolean isEntryPathSafe(File targetPath, String entryName) throws File destinationFile = new File(targetPath, entryName).getCanonicalFile(); return destinationFile.getPath().startsWith(targetPath.getPath() + File.separator) || destinationFile.getPath().equals(targetPath.getPath()); } + + public static boolean isPathTraversal(String dir, String fName) { + try { + Path path = Paths.get(dir).resolve(fName); + return !path.toAbsolutePath().equals(path.toRealPath()); + }catch (Exception e){ + return true; + } + } } \ No newline at end of file diff --git a/gxcompress/src/main/java/com/genexus/compression/GXCompressor.java b/gxcompress/src/main/java/com/genexus/compression/GXCompressor.java index 85b4ed934..5b3f22918 100644 --- a/gxcompress/src/main/java/com/genexus/compression/GXCompressor.java +++ b/gxcompress/src/main/java/com/genexus/compression/GXCompressor.java 
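Review bot: `isPathTraversal` is not a containment check: it only compares `toAbsolutePath()` with `toRealPath()`, so an absolute entry name such as `/etc/cron.d/x` resolves to itself via `resolve`, compares equal (absent symlinks) and is reported as safe, while any legitimate entry that does not exist yet makes `toRealPath()` throw `NoSuchFileException`, which the blanket `catch (Exception e)` turns into `true`, i.e. a traversal. The same file already has `isEntryPathSafe` (visible in this hunk's context lines) doing a canonical-prefix check, and the new helper should use the same idea: `Path base = Paths.get(dir).toAbsolutePath().normalize(); Path target = base.resolve(fName).normalize(); return !target.startsWith(base);`. That still does not cover a symlink entry extracted earlier from the same archive that points outside `base`; if that matters, call `toRealPath()` on the nearest existing ancestor of `target` rather than on `target` itself. With `toRealPath()` gone the only expected failure is `InvalidPathException`, so narrow the catch to that and drop the `}catch (Exception e){` spacing in favour of the file's `} catch (... ) {` style.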
@@ -639,20 +639,25 @@ private static void decompressTar(File archive, String directory) throws IOExcep
         try (TarArchiveInputStream tis = new TarArchiveInputStream(Files.newInputStream(archive.toPath()))) {
             TarArchiveEntry entry;
             while ((entry = tis.getNextEntry()) != null) {
-                File newFile = new File(directory, entry.getName());
-                if (entry.isDirectory()) {
-                    if (!newFile.isDirectory() && !newFile.mkdirs()) {
-                        throw new IOException("Failed to create directory " + newFile);
-                    }
-                } else {
-                    File parent = newFile.getParentFile();
-                    if (!parent.isDirectory() && !parent.mkdirs()) {
-                        throw new IOException("Failed to create directory " + parent);
-                    }
-                    try (OutputStream out = Files.newOutputStream(newFile.toPath())) {
-                        int len;
-                        while ((len = tis.read(buffer)) != -1) {
-                            out.write(buffer, 0, len);
+                if(CompressionUtils.isPathTraversal(directory, entry.getName())){
+                    log.error(DIRECTORY_ATTACK + "{}", entry.getName());
+                    return;
+                }else {
+                    File newFile = new File(directory, entry.getName());
+                    if (entry.isDirectory()) {
+                        if (!newFile.isDirectory() && !newFile.mkdirs()) {
+                            throw new IOException("Failed to create directory " + newFile);
+                        }
+                    } else {
+                        File parent = newFile.getParentFile();
+                        if (!parent.isDirectory() && !parent.mkdirs()) {
+                            throw new IOException("Failed to create directory " + parent);
+                        }
+                        try (OutputStream out = Files.newOutputStream(newFile.toPath())) {
+                            int len;
+                            while ((len = tis.read(buffer)) != -1) {
+                                out.write(buffer, 0, len);
+                            }
                         }
                     }
                 }
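Review bot: On a traversal hit the new branch logs and `return`s from `decompressTar`, so the caller sees a normal completion although the archive was only partially extracted; every other failure in this loop throws, and this one should too: `throw new IOException(DIRECTORY_ATTACK + entry.getName());`, which also removes the `else` that re-indents the entire body. The guard also validates a different path than the one written: `isPathTraversal` resolves `Paths.get(directory).resolve(name)`, whereas the write goes to `new File(directory, name)`, and the two disagree for absolute entry names, so compute `newFile` first and validate that exact path. As written in the sibling hunk, `isPathTraversal` relies on `toRealPath()`, which fails for entries that do not exist yet, so a fresh extraction into an empty directory would presumably stop at the first entry — worth covering with a test before merging.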