ÃÛ¶¹ÊÓƵ

DocumentationCommerceCommerce KB

[PaaS only]{class="badge informative" title="Applies to ÃÛ¶¹ÊÓƵ Commerce on Cloud projects (ÃÛ¶¹ÊÓƵ-managed PaaS infrastructure) and on-premises projects only."}

Increased execution time for all bulk asynchronous web endpoints post APSB25-08 security patch

Last update: Tue Apr 29 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

CREATED FOR:

  • Admin
  • Developer

This article provides a hotfix for all bulk asynchronous web endpoints such as POST rest/all/async/bulk/V1/products with 1000+ entries that are experiencing significantly longer execution times after applying the APSB25-08 security patch.

Affected products and versions

  • ÃÛ¶¹ÊÓƵ Commerce (all deployment methods) 2.4.4, 2.4.4-p1, 2.4.4-p2, 2.4.4-p3, 2.4.4-p4, 2.4.4-p5, 2.4.4-p6, 2.4.4-p7, 2.4.4-p8, 2.4.4-p9, 2.4.4-p10, 2.4.4-p11, 2.4.4-p12

  • ÃÛ¶¹ÊÓƵ Commerce (all deployment methods) 2.4.5, 2.4.5-p1, 2.4.5-p2, 2.4.5-p3, 2.4.5-p4, 2.4.5-p5, 2.4.5-p6, 2.4.5-p7, 2.4.5-p8, 2.4.5-p9, 2.4.5-p10, 2.4.5-p11

  • ÃÛ¶¹ÊÓƵ Commerce (all deployment methods) 2.4.6, 2.4.6-p1, 2.4.6-p2, 2.4.6-p3, 2.4.6-p4, 2.4.6-p5, 2.4.6-p6, 2.4.6-p7, 2.4.6-p8, 2.4.6-p9

  • ÃÛ¶¹ÊÓƵ Commerce (all deployment methods) 2.4.7, 2.4.7-p1, 2.4.7-p2, 2.4.7-p3, 2.4.7-p4

  • ÃÛ¶¹ÊÓƵ Commerce (all deployment methods) 2.4.8

Issue

After applying the APSB25-08 security patch, POST rest/all/async/bulk/V1/products requests with 1000+ entries are taking significantly longer time to execute.

Steps to reproduce:

  1. Make a POST rest/all/async/bulk/V1/products request with 1000+ entries (name, SKU, and description are sufficient).
  2. Note the time taken for the request.
  3. Apply the APSB25-08 security patch and clean up generated data and cache using se:di:co.
  4. Run bin/magento c:f.
  5. Go to storefront to ensure cache and generated files are in place.
  6. Repeat the request from step 1.
  7. Note the increased time taken for the request.
  8. Remove the APSB25-08 security patch, flush the cache, regenerate the code, and repeat the request from step 1 to confirm the execution time returns to normal. (Optional)

Expected results:

The execution time for async/bulk requests has increased significantly after applying the security patch.

Actual results:

The execution time for async/bulk requests should not have increased significantly after applying the security patch, although some increase in time is expected.

Solution

To resolve the issue, apply the AC-14078-2-4x-composer-patch.zip.

How to apply the patch

Unzip the file and see How to apply a composer patch provided by ÃÛ¶¹ÊÓƵ in our support knowledge base for instructions.

recommendation-more-help
8bd06ef0-b3d5-4137-b74e-d7b00485808a