Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker's roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.
Conclusion & alert: CVE-2024-0985 is rated Moderate Risk (57.2/100): CVSS High severity, with medium exploitation likelihood (EPSS 1.47%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
About EPSS: the daily EPSS score estimates the relative likelihood that this CVE will be exploited; the percentile ranks it among all scored vulnerabilities (a higher percentile means a more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.77% | 1.47% | +0.69% |
| 2 | 2026-03-19 | 0.73% | 0.77% | +0.04% |
| 3 | 2026-03-14 | — | 0.73% | — |
Full EPSS history (21 records total)
CVSS metrics for this CVE (the vector string is not present in the record):
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 8.0 | 3.1 | HIGH | — | 2.1 | 5.9 | f86ef6dc-4d3a-42ad-8f28-e6d5547a5007 |
| 8.0 | 3.1 | HIGH | — | 2.1 | 5.9 | [email protected] |
| Vendor | Priority | Summary | Link |
|---|---|---|---|
| alpine | — | CVE-2024-0985: 6 source package rows (postgresql, postgresql13, postgresql14, postgresql15, postgresql16, postgresql17); 29 state rows across 12 repos (3.17-main, 3.18-main, 3.19-community, 3.19-main, 3.20-community, 3.20-main, 3.21-community, 3.21-main, 3.22-community, 3.22-main, edge-community, edge-main); fixed 22, open 7. | https://security.alpinelinux.org/vuln/CVE-2024-0985 |
| debian | not yet assigned | CVE-2024-0985 not yet assigned priority: Debian including 2 source packages (postgresql-13, postgresql-15), 2 status rows across 2 suites (bookworm, bullseye): resolved 2. | https://security-tracker.debian.org/tracker/CVE-2024-0985 |
| gentoo | normal | CVE-2024-0985: 1 GLSA(s) (202408-06), 1 atom(s) (dev-db/postgresql); latest impact normal. | https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2024-0985 |
| redhat | high | — | https://access.redhat.com/security/cve/CVE-2024-0985 |
| suse | high | CVE-2024-0985 severity important: SUSE including 555 source package names (15.6-17.9:libpq5-16.2-150200.5.10.1, 15.6-17.9:postgresql15-15.6-150200.5.22.1, …), 1614 product×package rows across 67 product lines (Container suse/postgres, Image SLES15-SP4-Manager-Server-4-3, … (67 product lines)): Fixed 1057, Known Not Affected 326, Known Affected 231. | https://www.suse.com/security/cve/CVE-2024-0985/ |
| ubuntu | medium | CVE-2024-0985 medium priority: Ubuntu including 8 source packages (postgresql-10, postgresql-12, …), 88 status rows across 11 suites (bionic, focal, jammy, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial): DNE 70, released 10, ignored 5, needs-triage 2, deferred 1. | https://ubuntu.com/security/CVE-2024-0985 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| postgresql | postgresql | >= 12.0, < 12.18 | cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* |
| postgresql | postgresql | >= 13.0, < 13.14 | cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* |
| postgresql | postgresql | >= 14.0, < 14.11 | cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* |
| postgresql | postgresql | >= 15.0, < 15.6 | cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* |