diff --git a/src/tzdb.rs b/src/tzdb.rs
index d8b3398cb..4fcc3ccf9 100644
--- a/src/tzdb.rs
+++ b/src/tzdb.rs
@@ -167,12 +167,19 @@ impl Tzif {
 
     #[cfg(target_family = "unix")]
     pub fn read_tzif(identifier: &str) -> TemporalResult<Self> {
+        // Protect from path traversal attacks
+        if identifier.starts_with('/') || identifier.contains('.') {
+            return Err(TemporalError::range().with_message("Ill-formed timezone identifier"));
+        }
         let mut path = PathBuf::from(ZONEINFO_DIR);
         path.push(identifier);
         Self::from_path(&path)
     }
 
     pub fn from_path(path: &Path) -> TemporalResult<Self> {
+        if !path.exists() {
+            return Err(TemporalError::range().with_message("Unknown timezone identifier"));
+        }
         tzif::parse_tzif_file(path)
             .map(Into::into)
             .map_err(|e| TemporalError::general(e.to_string()))