diff --git a/src/server/routers/ingest.py b/src/server/routers/ingest.py
index 514db272..521b7de0 100644
--- a/src/server/routers/ingest.py
+++ b/src/server/routers/ingest.py
@@ -112,7 +112,10 @@ async def download_ingest(ingest_id: str) -> FileResponse:
     - **HTTPException**: **403** - the process lacks permission to read the directory or file
 
     """
-    directory = TMP_BASE_PATH / ingest_id
+    # Normalize and validate the directory path
+    directory = (TMP_BASE_PATH / ingest_id).resolve()
+    if not str(directory).startswith(str(TMP_BASE_PATH.resolve())):
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail=f"Invalid ingest ID: {ingest_id!r}")
 
     if not directory.is_dir():
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=f"Digest {ingest_id!r} not found")