Potential remote code execution via application startup configuration
Affected product(s)
- Gradle Enterprise 2020.4 - 2021.1.2
Severity
High
Published at
2021-05-31
Related CVE ID(s)
Description
The installation configuration user interface available to administrators allows specifying arbitrary Java Virtual Machine startup options.
Some startup options, such as -XX:OnOutOfMemoryError, allow specifying a command to be run on the host.
This can be abused to run arbitrary commands on the host, should an attacker gain administrative access to the application.
As of Gradle Enterprise 2021.1.2, such options are ignored.
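As an added illustration of the fix described above (this is not Gradle Enterprise's code; the page only states that such options are ignored from 2021.1.2), the following filter sorts administrator-supplied JVM options into an allowlist of tuning flags and a denylist of options whose value is a command or a code path. It goes beyond the page by also covering -XX:OnError and the agent-loading options, which are well-known siblings of the option the advisory names; the allowlist patterns are an assumption for the example.

```python
import re
import shlex

# Options whose value the JVM executes as a command, or that load native or
# Java code into the process. -XX:OnOutOfMemoryError is the option named in
# the advisory; the others are well-known siblings added here for coverage.
COMMAND_OR_CODE_LOADING = (
    "-XX:OnOutOfMemoryError",
    "-XX:OnError",
    "-agentpath:",
    "-agentlib:",
    "-javaagent:",
)

# Assumed (hypothetical) allowlist of memory/GC tuning options an
# administrator is expected to set. Anything not matching is "unknown".
ALLOWED_PATTERNS = (
    re.compile(r"^-Xm[sx]\d+[kKmMgG]?$"),
    re.compile(r"^-Xss\d+[kKmMgG]?$"),
    re.compile(r"^-XX:[+-]Use\w+GC$"),
    re.compile(r"^-XX:(Max)?MetaspaceSize=\d+[kKmMgG]?$"),
    re.compile(r"^-XX:MaxGCPauseMillis=\d+$"),
)


def classify_option(opt: str) -> str:
    """Return 'allowed', 'dangerous' or 'unknown' for one JVM option."""
    # Compare on the option name before any '=' value, so that
    # "-XX:OnOutOfMemoryError=<anything>" is caught regardless of the value.
    name = opt.split("=", 1)[0]
    if any(name == p or name.startswith(p) for p in COMMAND_OR_CODE_LOADING):
        return "dangerous"
    if any(p.match(opt) for p in ALLOWED_PATTERNS):
        return "allowed"
    return "unknown"


def filter_jvm_options(raw: str) -> dict:
    """Split an admin-supplied options string and sort each option into
    allowed / dangerous / unknown. Fail closed: only 'allowed' entries should
    be passed to the JVM; 'dangerous' ones are worth logging as well."""
    result = {"allowed": [], "dangerous": [], "unknown": []}
    # shlex keeps a quoted value such as "echo oom" together as one token
    for opt in shlex.split(raw):
        result[classify_option(opt)].append(opt)
    return result
```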
Mitigation
Upgrade to Gradle Enterprise 2021.1.2 or later.
Credit
Marat Aytuganov <marat.aytuganov@compass-security.com>