diff --git a/pkg/archive/diff.go b/pkg/archive/diff.go
index eabb7c48ff..856cedcead 100644
--- a/pkg/archive/diff.go
+++ b/pkg/archive/diff.go
@@ -18,6 +18,8 @@ import (
 // ApplyLayer parses a diff in the standard layer format from `layer`, and
 // applies it to the directory `dest`.
 func ApplyLayer(dest string, layer ArchiveReader) error {
+	dest = filepath.Clean(dest)
+
 	// We need to be able to set any perms
 	oldmask, err := system.Umask(0)
 	if err != nil {
@@ -91,6 +93,12 @@ func ApplyLayer(dest string, layer ArchiveReader) error {
 
 		path := filepath.Join(dest, hdr.Name)
 		base := filepath.Base(path)
+
+		// Prevent symlink breakout
+		if !strings.HasPrefix(path, dest) {
+			return breakoutError(fmt.Errorf("%q is outside of %q", path, dest))
+		}
+
 		if strings.HasPrefix(base, ".wh.") {
 			originalBase := base[len(".wh."):]
 			originalPath := filepath.Join(filepath.Dir(path), originalBase)