# Automations: Do not fail on found CVE lacking a fix

Here is how to set up an automation rule that ensures the pipeline fails only if a CVE is found of a certain level AND a fix for it exists.

1. Set up a rule: "If `CVSS` is at least `High` then `flag as vulnerable`".
2. From the **Repositories** view, click a specific repository and then filter it by review status "= `Vulnerable".`
3. Check each vulnerability for any available fix. If not, select “Pause until a fix is available” under “Pause rule triggering” in the **Action** section. 
4. In the opening dialog, choose an appropriate **max pause time** in the drop-down. 
5. Click **Save** to confirm your selection and pause automation rules for the vulnerability.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.debricked.com/tips-and-tricks/workarounds/automations-do-not-fail-on-found-cve-lacking-a-fix.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.