Comment 1 for bug 1213241

I'd say this could be valid for OSSA because you escalate from DB compromise (DoS, data exploitation) to remote code execution with the glance user rights...