By using temporary objects, unprivileged user can execute function with permissions of security-definer.
vulners.com/securityvulns/securityvulns:doc:16836