diff --git a/pom.xml b/pom.xml
index 2b12a89383..e4a3c3ba39 100644
--- a/pom.xml
+++ b/pom.xml
@@ -58,6 +58,7 @@
     <apache.commons.lang3.version>3.11</apache.commons.lang3.version>
     <apache.commons.collections4.version>4.4</apache.commons.collections4.version>
     <apache.commons.compress>1.20</apache.commons.compress>
+    <apache.commons.io>2.8.0</apache.commons.io>
     <common.codec.version>1.15</common.codec.version>
     <spring.boot.version>2.3.5.RELEASE</spring.boot.version>
     <spring.version>5.2.9.RELEASE</spring.version>
@@ -113,6 +114,11 @@
         <artifactId>commons-compress</artifactId>
         <version>${apache.commons.compress}</version>
       </dependency>
+      <dependency>
+        <groupId>commons-io</groupId>
+        <artifactId>commons-io</artifactId>
+        <version>${apache.commons.io}</version>
+      </dependency>
       <dependency>
         <groupId>com.github.ben-manes.caffeine</groupId>
         <artifactId>caffeine</artifactId>
diff --git a/util/pom.xml b/util/pom.xml
index 7077c8a95c..c92a4b2c01 100644
--- a/util/pom.xml
+++ b/util/pom.xml
@@ -46,6 +46,10 @@
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
         </dependency>
+        <dependency>
+            <groupId>commons-io</groupId>
+            <artifactId>commons-io</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
diff --git a/util/src/main/java/io/kubernetes/client/Copy.java b/util/src/main/java/io/kubernetes/client/Copy.java
index 1c21dd655c..182aaea848 100644
--- a/util/src/main/java/io/kubernetes/client/Copy.java
+++ b/util/src/main/java/io/kubernetes/client/Copy.java
@@ -42,6 +42,7 @@
 import org.apache.commons.compress.archivers.tar.TarArchiveInputStream;
 import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
 import org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream;
+import org.apache.commons.io.FilenameUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -188,7 +189,11 @@ public Future<Integer> copyDirectoryFromPodAsync(
           log.error("Can't read: " + entry);
           continue;
         }
-        File f = new File(destination.toFile(), entry.getName());
+        String normalName = FilenameUtils.normalize(entry.getName());
+        if (normalName == null) {
+          throw new IOException("Invalid entry: " + entry.getName());
+        }
+        File f = new File(destination.toFile(), normalName);
         if (entry.isDirectory()) {
           if (!f.isDirectory() && !f.mkdirs()) {
             throw new IOException("create directory failed: " + f);