DefectDojo · tejas0077 · Mar 15, 2026 · Mar 15, 2026 · Jun 17, 2026 · Jun 17, 2026
@@ -0,0 +1,19 @@
+---
+title: 'Upgrading to DefectDojo Version 3.1.0'
+toc_hide: true
+weight: -20260617
+description: Tenable Hash Code Change
+---
+## Change: Tenable Hash Code Calculation
+The `description` field has been removed from the Tenable scan parser hash code configuration. The deduplication hash is now calculated using only: `title`, `severity`, `vulnerability_ids`, and `cwe`.
+
+The `description` field contained dynamic plugin output data (scan results, timestamps, affected hosts) that changed between scans of the same vulnerability, causing deduplication to fail and creating duplicate findings on reimport.
+
+### Impact
+Existing Tenable findings may be marked as closed and recreated as new findings due to the change in hash values.
+
+### Required Actions
+After upgrading, run the following command to recalculate hash codes for existing Tenable findings:
+
+    python manage.py dedupe --hash_code_only
+
@@ -1013,7 +1013,7 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param
     "Dependency Track Finding Packaging Format (FPF) Export": ["component_name", "component_version", "vulnerability_ids"],
     "Horusec Scan": ["title", "description", "file_path", "line"],
     "Mobsfscan Scan": ["title", "severity", "cwe", "file_path", "description"],
-    "Tenable Scan": ["title", "severity", "vulnerability_ids", "cwe", "description"],
+    "Tenable Scan": ["title", "severity", "vulnerability_ids", "cwe"],
     "Nexpose Scan": ["title", "severity", "vulnerability_ids", "cwe"],
     # possible improvement: in the scanner put the library name into file_path, then dedup on cwe + file_path + severity
     "NPM Audit Scan": ["title", "severity", "file_path", "vulnerability_ids", "cwe"],