Automations: Do not fail on found CVE lacking a fix

Here's how to set up an automation rule so that the pipeline fails only if a CVE of a certain severity level is found AND a fix for it exists. The rule itself flags every vulnerability at or above the chosen level; vulnerabilities that have no fix yet are then paused individually so they do not fail the pipeline until a fix appears or the pause expires.

  1. Set up a rule: "If CVSS is at least High then flag as vulnerable".

  2. From the Repositories view, click on a specific repository and then filter it by review status = Vulnerable.

  3. Go through each vulnerability one by one and check whether a fix version is available. If not, select "Pause until a fix is available" under "Pause rule triggering" in the Action section. In the dialog that opens, choose an appropriate maximum pause time from the dropdown, then click Save to confirm your selection and pause the automation rule for that vulnerability. When the pause expires without a fix, the rule triggers again and the vulnerability must be reviewed and paused afresh.
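The gating logic the three steps produce, written out as an added example (not code from the product or its documentation): findings at or above the severity floor fail the build when a fix exists, are held while a "pause until fix" is still in effect, and fall back to flagged (needing review) once a pause expires with no fix. The `Finding` class, `evaluate` function, severity threshold and the `CVE-EXAMPLE-*` identifiers are all constructed for this illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import List, Optional

SEVERITY_FLOOR = 7.0  # CVSS v3.x "High" starts at 7.0 (Critical at 9.0)


@dataclass
class Finding:
    cve: str                        # placeholder identifier, not a real CVE
    cvss: float                     # base score reported by the scanner
    fixed_version: Optional[str]    # None = no fix version published yet
    pause_until: Optional[date] = None  # set when "Pause until a fix is available" was chosen


def evaluate(findings: List[Finding], today: date) -> dict:
    """Apply the rule: flag CVSS >= High; pause only no-fix findings with an active pause."""
    blocking, paused, needs_review = [], [], []
    for f in findings:
        if f.cvss < SEVERITY_FLOOR:
            continue  # below the rule's threshold, never flagged
        if f.fixed_version is not None:
            blocking.append(f.cve)  # a fix exists: the pause ends and the rule triggers
        elif f.pause_until is not None and today <= f.pause_until:
            paused.append(f.cve)    # no fix yet and the pause is still in effect
        else:
            needs_review.append(f.cve)  # no fix and no (or expired) pause: rule triggers again
    return {
        "fail": bool(blocking or needs_review),
        "blocking": blocking,
        "paused": paused,
        "needs_review": needs_review,
    }


# Constructed scan result illustrating each branch of the policy.
SAMPLE_FINDINGS = [
    Finding("CVE-EXAMPLE-A", 9.8, "2.4.1"),                          # fix exists -> fails
    Finding("CVE-EXAMPLE-B", 7.5, None, date(2025, 3, 1)),           # paused, still active
    Finding("CVE-EXAMPLE-C", 7.5, None, date(2025, 1, 15)),          # pause expired -> review
    Finding("CVE-EXAMPLE-D", 5.3, None),                             # Medium -> ignored
    Finding("CVE-EXAMPLE-E", 8.1, "1.2.0", date(2025, 6, 1)),        # fix appeared -> fails
]
TODAY = date(2025, 2, 10)  # constructed evaluation date

if __name__ == "__main__":
    print(evaluate(SAMPLE_FINDINGS, TODAY))
```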
