Your project must restrict allowed classes when using unserialize()

More information: https://insight.symfony.com/what-we-analyse/php.use_unserialize_without_allowed_classes

in Core/ClicShopping/Sites/Shop/Shop.php, line 105 
  1.             $redis = $redis_client;
  2.             $raw = $redis->get($cache_key);
  4.             // phpredis ne sérialise pas les tableaux : la valeur est stockée via serialize()
  5.             if ($raw !== false) {
  6.               $decoded = @unserialize($raw);
    unserialize() is called without the allowed_classes option, which can lead to PHP object injection attacks.
    Time to fix: about 15 minutes
    Read doc
                Open Issue
             Permalink Copy Prompt
    
                                    Last edited  by clicshopping
                    
  8.               if (is_array($decoded)) {
  9.                 $cached_config = $decoded;
  10.               }
  11.             }