When I updated my app, I received an email from Google that said:
Hello Google Play Developer,
We reviewed your app and found that your app uses software that contains security vulnerabilities for users. Apps with these vulnerabilities can expose user information or damage a user’s device, and may be considered to be in violation of our Malicious Behavior policy.
Vulnerability - Your app(s) are vulnerable to Intent Redirection.
But my own code does not extract or redirect any Intents.
After searching a little, I applied some of the suggested fixes, such as setting
android:exported="false"
on my components, but none of them worked.
Now I think a third-party plugin is responsible for the vulnerability. How can I find that vulnerability in my code?
Below is my build.gradle file:
// App-module build script: Android application plugin plus Google services and
// Firebase Crashlytics.
//
// Review context: a Play Console "Intent Redirection" warning covers everything
// packaged into the APK, not only first-party code. Every `implementation` entry
// below ships library code, and AAR libraries can also contribute activities,
// services and receivers to the merged manifest. Setting android:exported="false"
// on the app's own components does not change components declared by a library.
// To locate the source, print the resolved tree, e.g.
//   ./gradlew :<module>:dependencies --configuration releaseRuntimeClasspath
// and inspect the merged manifest of the release variant for exported components
// that come from a dependency.
apply plugin: 'com.android.application'
apply plugin: 'com.google.gms.google-services'
apply plugin: 'com.google.firebase.crashlytics'
android {
compileSdkVersion 29
defaultConfig {
minSdkVersion 21
targetSdkVersion 29
renderscriptTargetApi 18
renderscriptSupportModeEnabled true
multiDexEnabled true
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
// Package only English resources.
resConfigs "en"
}
buildTypes {
debug {
firebaseCrashlytics {
// Debug builds are not minified here, so no mapping file is uploaded for them.
mappingFileUploadEnabled false
}
}
release {
// Code and resource shrinking for release. Shrinking/obfuscation renames and
// removes classes; it is not a mitigation for an intent-handling flaw.
minifyEnabled true
shrinkResources true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
compileOptions {
sourceCompatibility = '1.8'
targetCompatibility = '1.8'
}
externalNativeBuild {
ndkBuild {
path 'src/main/jni/Android.mk'
}
}
// NOTE(review): as pasted, `dependencies` and `configurations.all` sit inside
// `android { }` (the final closing brace ends that block). Confirm this matches
// the real file rather than being a copy/paste artifact.
dependencies {
androidTestImplementation('androidx.test.espresso:espresso-core:3.1.1', {
exclude group: 'com.android.support', module: 'support-annotations'
})
testImplementation 'junit:junit:4.12'
implementation 'androidx.multidex:multidex:2.0.1'
// Local JARs have no Maven coordinates or version, so they do not appear with a
// version in the dependency report and dependency scanners cannot match them.
// Inventory the contents of libs/ by hand when tracing a store warning.
implementation fileTree(dir: 'libs', include: ['*.jar'])
implementation 'androidx.appcompat:appcompat:1.2.0'
implementation 'androidx.constraintlayout:constraintlayout:2.0.2'
implementation 'androidx.legacy:legacy-support-v4:1.0.0'
implementation 'androidx.recyclerview:recyclerview:1.1.0'
implementation 'androidx.cardview:cardview:1.0.0'
implementation "androidx.viewpager2:viewpager2:1.0.0"
implementation 'com.github.bumptech.glide:glide:4.11.0'
annotationProcessor 'com.github.bumptech.glide:compiler:4.11.0'
// Pre-release (alpha) artifact in a build that is published to the store.
implementation 'com.google.android.material:material:1.3.0-alpha03'
//fix
// Empty placeholder artifact used to avoid a duplicate-class conflict with Guava.
implementation 'com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava'
implementation 'com.google.android.gms:play-services-basement:17.5.0'
//Firebase
// The BoM fixes the versions of the unversioned firebase-* artifacts below.
implementation platform('com.google.firebase:firebase-bom:25.12.0')
implementation 'com.google.firebase:firebase-auth'
implementation 'com.google.firebase:firebase-database'
implementation 'com.google.firebase:firebase-storage'
implementation 'com.google.firebase:firebase-firestore'
implementation 'com.google.firebase:firebase-messaging'
implementation 'com.google.firebase:firebase-config'
implementation 'com.google.firebase:firebase-analytics'
implementation 'com.google.firebase:firebase-crashlytics'
implementation 'com.google.firebase:firebase-inappmessaging-display'
implementation 'com.firebaseui:firebase-ui-auth:6.3.0'
// Google Sign In SDK (only required for Google Sign In)
implementation 'com.google.android.gms:play-services-auth:18.1.0'
implementation 'com.google.android.gms:play-services-identity:17.0.0'
// Facebook Android SDK (only required for Facebook Login)
implementation 'androidx.browser:browser:1.2.0'
// Umbrella artifact: it pulls in every Facebook SDK module, although the comment
// above says only Login is needed. Per the update at the end of this post, the
// Play warning cleared once this was replaced with the login-specific artifact.
// Depending only on the modules actually used keeps unused activities and
// intent-handling code out of the APK.
implementation 'com.facebook.android:facebook-android-sdk:7.1.0'
//retrofit
// NOTE(review): these networking versions are several releases old; check them
// against current advisories. Also confirm the logging interceptor is not set to
// log headers or bodies in release builds, where that output could contain
// credentials or personal data.
implementation 'com.squareup.retrofit2:retrofit:2.2.0'
implementation 'com.squareup.retrofit2:converter-gson:2.2.0'
implementation 'com.squareup.okhttp3:logging-interceptor:3.9.0'
//json utilities
// NOTE(review): jackson-databind has a long history of deserialization
// advisories; verify 2.10.1 against the project's current advisory list.
implementation 'com.fasterxml.jackson.core:jackson-core:2.10.1'
implementation 'com.fasterxml.jackson.core:jackson-annotations:2.10.1'
implementation 'com.fasterxml.jackson.core:jackson-databind:2.10.1'
//Paytm All-in-one SDK Payment Gateway
// NOTE(review): judging by the artifact name this SDK hands off to another app;
// include its declared components when reviewing intent handling - TODO confirm.
implementation'com.paytm.appinvokesdk:appinvokesdk:1.5'
//Circular ImageView
implementation 'de.hdodenhof:circleimageview:2.2.0'
//Number Picker
implementation 'com.shawnlin:number-picker:2.4.7'
//Version Compare
implementation 'com.g00fy2:versioncompare:1.3.2'
//Seekbar
implementation 'com.github.warkiz.widget:indicatorseekbar:2.1.2'
//country picker
implementation 'com.hbb20:ccp:2.3.1'
//TrueTime
implementation 'com.github.instacart.truetime-android:library:3.4'
//facebook ads
// Separate Facebook artifact from the login SDK above; review it independently.
implementation 'com.facebook.android:audience-network-sdk:6.1.0'
//shimmer
implementation 'com.facebook.shimmer:shimmer:0.5.0'
//Loading Animation
implementation 'com.wang.avi:library:2.1.3'
//likeButton
implementation 'com.github.varunest:sparkbutton:1.0.6'
}
// Pins support-annotations to 28.0.0 in every configuration, overriding whatever
// version a transitive dependency requests.
configurations.all {
resolutionStrategy.force 'com.android.support:support-annotations:28.0.0'
}
}
---UPDATE---
It turned out the problem was in the Facebook SDK. After replacing the full SDK with only its login-specific SDK, my app was approved by the Play Store.