From fb084756429aab70bb83becfa44a829a8606c431 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 29 Jun 2026 07:42:17 +0000
Subject: [PATCH] Bump org.apache.tomcat.embed:tomcat-embed-websocket

Bumps org.apache.tomcat.embed:tomcat-embed-websocket from 11.0.22 to 11.0.23.

---
updated-dependencies:
- dependency-name: org.apache.tomcat.embed:tomcat-embed-websocket
  dependency-version: 11.0.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 build.gradle.kts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index 3cba297..57d2774 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -28,9 +28,9 @@ dependencies {
   // Override Spring Boot 4.0.6's managed Tomcat 11.0.21 to patch
   // CVE-2026-41293/-43512/-43515/-41284/-42498/-43513 (fixed in 11.0.22)
   constraints {
-    implementation("org.apache.tomcat.embed:tomcat-embed-core:11.0.22")
-    implementation("org.apache.tomcat.embed:tomcat-embed-el:11.0.22")
-    implementation("org.apache.tomcat.embed:tomcat-embed-websocket:11.0.22")
+    implementation("org.apache.tomcat.embed:tomcat-embed-core:11.0.23")
+    implementation("org.apache.tomcat.embed:tomcat-embed-el:11.0.23")
+    implementation("org.apache.tomcat.embed:tomcat-embed-websocket:11.0.23")
 
     // Override Spring Boot 4.1.0's managed jackson-databind 2.21.3 to patch
     // CVE-2026-54512/-54513 (PolymorphicTypeValidator bypasses, fixed in 2.21.4).