diff --git a/frontend/server/src/main/java/org/pytorch/serve/wlm/ModelManager.java b/frontend/server/src/main/java/org/pytorch/serve/wlm/ModelManager.java
index d5f78c7f53..ad5214a8e9 100644
--- a/frontend/server/src/main/java/org/pytorch/serve/wlm/ModelManager.java
+++ b/frontend/server/src/main/java/org/pytorch/serve/wlm/ModelManager.java
@@ -380,13 +380,27 @@ private void setupModelDependencies(Model model)
 }
 
 private boolean isValidDependencyPath(File dependencyPath) {
- if (dependencyPath
- .toPath()
- .normalize()
- .startsWith(FileUtils.getTempDirectory().toPath().normalize())) {
+ try {
+ File canonicalDependencyPath = dependencyPath.getCanonicalFile();
+ File allowedBaseDir = FileUtils.getTempDirectory().getCanonicalFile();
+
+ // Ensure the dependency path is within the allowed base directory
+ if (!canonicalDependencyPath.toPath().startsWith(allowedBaseDir.toPath())) {
+ logger.warn("Dependency path is outside the allowed directory: {}", dependencyPath);
+ return false;
+ }
+
+ // Reject symbolic links
+ if (Files.isSymbolicLink(canonicalDependencyPath.toPath())) {
+ logger.warn("Dependency path is a symbolic link and is not allowed: {}", dependencyPath);
+ return false;
+ }
+
 return true;
+ } catch (IOException e) {
+ logger.error("Failed to validate dependency path: {}", dependencyPath, e);
+ return false;
 }
- return false;
 }
 
 private Model createModel(
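Review bot: The `Files.isSymbolicLink(canonicalDependencyPath.toPath())` test in `isValidDependencyPath` is applied to a path that `getCanonicalFile()` has already resolved, so the "Reject symbolic links" branch will rarely if ever fire. If links are meant to be refused outright, test the path as supplied, `if (Files.isSymbolicLink(dependencyPath.toPath())) {`, bearing in mind that this inspects only the final path component; the canonical `startsWith` containment check is what actually confines the path. The verdict also holds only at the moment of the check: the caller is outside this hunk, but if it later opens `dependencyPath` by name, a change made inside the temp directory in between would not be caught, so handing the canonical path to the consumer would be the safer contract. A short comment on the method stating which of the two checks is the enforcement point would help the next reader.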