Pypi · Lxml · CVE-2026-41066
**Name of the Vulnerable Software and Affected Versions**
lxml versions prior to 6.1.0
**Description**
In the default configuration, where the `resolve_entities` option is set to `True`, untrusted XML input can read local files. This issue affects `iterparse()` and `ETCompatXMLParser()`.
**Recommendations**
Update to version 6.1.0.
As a temporary workaround, explicitly set the `resolve_entities` option to `'internal'` or `False` to disable local file access.
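To find call sites that still need the workaround, the following added example (not part of the advisory or of lxml) statically scans Python source for `iterparse()` and `ETCompatXMLParser()` calls that do not pass `resolve_entities=False` or `resolve_entities='internal'`. It matches on the call name only, so same-named functions from other libraries are also reported; the function names and the sample source are constructed for illustration.

```python
import ast

AFFECTED = {"iterparse", "ETCompatXMLParser"}  # callables named in the advisory

def _call_name(call):
    """Trailing name of a call target: etree.iterparse(...) -> 'iterparse'."""
    func = call.func
    if isinstance(func, ast.Attribute):
        return func.attr
    return func.id if isinstance(func, ast.Name) else None

def find_unsafe_calls(source):
    """Return sorted (line, name, reason) for calls lacking the workaround."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = _call_name(node)
        if name not in AFFECTED:
            continue
        kw = next((k for k in node.keywords if k.arg == "resolve_entities"), None)
        if kw is None:
            # Also reached when the option is hidden in **kwargs: review by hand.
            findings.append((node.lineno, name, "resolve_entities not set"))
        elif not isinstance(kw.value, ast.Constant):
            # Value computed at runtime: cannot be judged statically.
            findings.append((node.lineno, name, "resolve_entities not a literal"))
        elif not (kw.value.value is False or kw.value.value == "internal"):
            findings.append((node.lineno, name,
                             "resolve_entities=%r" % (kw.value.value,)))
    return sorted(findings)

# Constructed sample source; it is parsed, never executed.
SAMPLE = '''\
from lxml import etree
for _, el in etree.iterparse(path):
    pass
parser = etree.ETCompatXMLParser(resolve_entities=True)
safe = etree.ETCompatXMLParser(resolve_entities=False)
for _, el in etree.iterparse(path, resolve_entities="internal"):
    pass
opt = etree.iterparse(path, resolve_entities=cfg.resolve)
'''

if __name__ == "__main__":
    for line, name, reason in find_unsafe_calls(SAMPLE):
        print("line %d: %s(): %s" % (line, name, reason))
```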