diff --git a/changelog/5686.improvement.rst b/changelog/5686.improvement.rst
new file mode 100644
index 000000000..e77997d87
--- /dev/null
+++ b/changelog/5686.improvement.rst
@@ -0,0 +1 @@
+``tmpdir_factory.mktemp`` now fails when given absolute and non-normalized paths.
diff --git a/src/_pytest/tmpdir.py b/src/_pytest/tmpdir.py
index bd8fb7d8a..b87e37167 100644
--- a/src/_pytest/tmpdir.py
+++ b/src/_pytest/tmpdir.py
@@ -45,8 +45,17 @@ class TempPathFactory:
             given_basetemp=config.option.basetemp, trace=config.trace.get("tmpdir")
         )
 
+    def _ensure_relative_to_basetemp(self, basename: str):
+        basename = os.path.normpath(basename)
+        if (self.getbasetemp() / basename).resolve().parent != self.getbasetemp():
+            raise ValueError(
+                "{} is not a normalized and relative path".format(basename)
+            )
+        return basename
+
     def mktemp(self, basename: str, numbered: bool = True) -> Path:
         """makes a temporary directory managed by the factory"""
+        basename = self._ensure_relative_to_basetemp(basename)
         if not numbered:
             p = self.getbasetemp().joinpath(basename)
             p.mkdir()
diff --git a/testing/test_tmpdir.py b/testing/test_tmpdir.py
index eb1c1f300..b7cf8d2b5 100644
--- a/testing/test_tmpdir.py
+++ b/testing/test_tmpdir.py
@@ -74,19 +74,38 @@ class TestConfigTmpdir:
         assert not mytemp.join("hello").check()
 
 
-def test_basetemp(testdir):
+testdata = [
+    ("mypath", True),
+    ("/mypath1", False),
+    ("./mypath1", True),
+    ("../mypath3", False),
+    ("../../mypath4", False),
+    ("mypath5/..", False),
+    ("mypath6/../mypath6", True),
+    ("mypath7/../mypath7/..", False),
+]
+
+
+@pytest.mark.parametrize("basename, is_ok", testdata)
+def test_mktemp(testdir, basename, is_ok):
     mytemp = testdir.tmpdir.mkdir("mytemp")
     p = testdir.makepyfile(
         """
         import pytest
-        def test_1(tmpdir_factory):
-            tmpdir_factory.mktemp('hello', numbered=False)
-    """
+        def test_abs_path(tmpdir_factory):
+            tmpdir_factory.mktemp('{}', numbered=False)
+        """.format(
+            basename
+        )
     )
+
     result = testdir.runpytest(p, "--basetemp=%s" % mytemp)
-    assert result.ret == 0
-    print(mytemp)
-    assert mytemp.join("hello").check()
+    if is_ok:
+        assert result.ret == 0
+        assert mytemp.join(basename).check()
+    else:
+        assert result.ret == 1
+        result.stdout.fnmatch_lines("*ValueError*")
 
 
 def test_tmpdir_always_is_realpath(testdir):