diff --git a/gateway-service-impl/build.gradle.kts b/gateway-service-impl/build.gradle.kts
index 2caa403d..6b07a7d0 100644
--- a/gateway-service-impl/build.gradle.kts
+++ b/gateway-service-impl/build.gradle.kts
@@ -33,8 +33,8 @@ dependencies {
   implementation("com.google.guava:guava:32.1.2-jre")
   implementation("com.google.inject:guice:5.0.1")
 
-  implementation("com.fasterxml.jackson.core:jackson-annotations:2.15.2")
-  implementation("com.fasterxml.jackson.core:jackson-databind:2.15.2")
+  implementation("com.fasterxml.jackson.core:jackson-annotations:2.16.0")
+  implementation("com.fasterxml.jackson.core:jackson-databind:2.16.0")
 
   testImplementation("org.junit.jupiter:junit-jupiter:5.8.2")
   testImplementation("org.mockito:mockito-junit-jupiter:5.4.0")
diff --git a/gateway-service-impl/src/main/java/org/hypertrace/gateway/service/common/converters/StringToAttributeKindConverter.java b/gateway-service-impl/src/main/java/org/hypertrace/gateway/service/common/converters/StringToAttributeKindConverter.java
index 856b6456..52f8d207 100644
--- a/gateway-service-impl/src/main/java/org/hypertrace/gateway/service/common/converters/StringToAttributeKindConverter.java
+++ b/gateway-service-impl/src/main/java/org/hypertrace/gateway/service/common/converters/StringToAttributeKindConverter.java
@@ -25,7 +25,7 @@ public class StringToAttributeKindConverter extends ToAttributeKindConverter<Str
   public static final StringToAttributeKindConverter INSTANCE =
       new StringToAttributeKindConverter();
   private static final String STRING_ARRAY_NULL_VALUE = "null";
-  private static final List<String> LIST_WITH_NULL_VALUE = List.of("null");
+  private static final List<String> LIST_WITH_NULL_STRING_VALUE = List.of("null");
   private final ObjectMapper objectMapper = new ObjectMapper();
 
   private StringToAttributeKindConverter() {}
@@ -97,7 +97,7 @@ private List<String> convertToArray(String jsonString) {
     // handle special case when "null" string is returned as string array value(default value
     // scenario). "null" is still a valid value, and should be converted to list with "null" value
     if (STRING_ARRAY_NULL_VALUE.equals(jsonString)) {
-      return LIST_WITH_NULL_VALUE;
+      return LIST_WITH_NULL_STRING_VALUE;
     }
 
     // Check if the string is already in a list format.
diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
index d3486420..74e475e7 100644
--- a/owasp-suppressions.xml
+++ b/owasp-suppressions.xml
@@ -9,15 +9,7 @@
     <cpe>cpe:/a:utils_project:utils</cpe>
     <cpe>cpe:/a:service_project:service</cpe>
   </suppress>
-  <suppress until="2023-07-31Z">
-    <notes><![CDATA[
-   Doesn't appear to be a real vulnerability, jackson maintainers discuss at https://github.com/FasterXML/jackson-databind/issues/3973
-   Revisit when suppression expires
-   ]]></notes>
-    <packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
-    <vulnerabilityName>CVE-2023-35116</vulnerabilityName>
-  </suppress>
-  <suppress until="2023-11-30Z">
+  <suppress until="2023-12-31Z">
     <notes><![CDATA[
   This vulnerability is disputed, with the argument that SSL configuration is the responsibility of the client rather
   than the transport. The change in default is under consideration for the next major Netty release, revisit then.
@@ -29,4 +21,13 @@
     <packageUrl regex="true">^pkg:maven/io\.netty/netty.*@.*$</packageUrl>
     <vulnerabilityName>CVE-2023-4586</vulnerabilityName>
   </suppress>
+  <suppress until="2023-12-31Z">
+    <notes><![CDATA[
+   This CVE (rapid RST) is already mitigated as our servers aren't directly exposed, but it's also
+   addressed in 1.59.1, which the CVE doesn't reflect (not all grpc impls versions are exactly aligned).
+   Ref: https://github.com/grpc/grpc-java/pull/10675
+   ]]></notes>
+      <packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-.*@.*$</packageUrl>
+    <cve>CVE-2023-44487</cve>
+  </suppress>
 </suppressions>