Blank images cause ZIP Bomb Error

[AuxiliumCDNG]

Hey there,

one of our customers seems to have some products with blank (meaning just white or single color) or very "simple" images. Some of them trip the detection for ZIP Bombs because the compression ratio is to big (one image that causes the problem: 25761 Bytes uncompressed; 163 Bytes compressed).

I found this check:

connector-core/src/Compression/Zip.php

Line 55 in b3b00eb

if ($size / $compSize > 100) {

Is that known/intended behavior? I think all ratios should be averaged and then checked, if you want to keep the check like this.
(Is that check really neccessary? Maybe there are better ways?)

Would be happy to look into it and maybe implement my suggestion above if thats desired.

Looking forward to hearing back from you.