Set `create_issue_url` as nil if issues are disabled

ee/app/helpers/vulnerabilities_helper.rb

@@ -10,7 +10,7 @@ module VulnerabilitiesHelper
 
     result = {
       timestamp: Time.now.to_i,
-      create_issue_url: create_issue_project_security_vulnerability_path(vulnerability.project, vulnerability),
+      create_issue_url: create_issue_url_for(vulnerability),
       has_mr: !!vulnerability.finding.merge_request_feedback.try(:merge_request_iid),
       create_mr_url: create_vulnerability_feedback_merge_request_path(vulnerability.finding.project),
       discussions_url: discussions_project_security_vulnerability_path(vulnerability.project, vulnerability),
@@ -26,6 +26,12 @@ module VulnerabilitiesHelper
     result.merge(vulnerability_data(vulnerability), vulnerability_finding_data(vulnerability))
   end
 
+  def create_issue_url_for(vulnerability)
+    return unless vulnerability.project.issues_enabled?
+
+    create_issue_project_security_vulnerability_path(vulnerability.project, vulnerability)
+  end
+
   def vulnerability_pipeline_data(pipeline)
     return unless pipeline
 

ee/spec/helpers/vulnerabilities_helper_spec.rb

@@ -69,6 +69,16 @@ RSpec.describe VulnerabilitiesHelper do
         can_modify_related_issues: false
       )
     end
+
+    context 'when the issues are disabled for the project' do
+      before do
+        allow(project).to receive(:issues_enabled?).and_return(false)
+      end
+
+      it 'has `create_issue_url` set as nil' do
+        expect(subject).to include(create_issue_url: nil)
+      end
+    end
   end
 
   describe '#vulnerability_details' do