Google Play policy violation in BridgeWebViewClient

[kappapl]

Hello,
a few months earlier I've received warning from Google, that my application violates the "Device and Network Abuse" policy.
I have been informed that:

• "We don't allow code that introduces or exploits security vulnerabilities. Check out the App Security Improvement Program to find out about the most recent security issues flagged to developers"

Finally Google removed my application from Google Play and gave more details:

• "Your app is currently using the following vulnerable implementation of SslErrorHandler: com/getcapacitor/BridgeWebViewClient"

I don't see anything suspicious in this class. Where is the SslErrorHandler used?

package com.getcapacitor;

import android.net.Uri;`
import android.webkit.WebResourceRequest;
import android.webkit.WebResourceResponse;
import android.webkit.WebView;
import android.webkit.WebViewClient;

public class BridgeWebViewClient extends WebViewClient {
private Bridge bridge;

public BridgeWebViewClient(Bridge bridge) {
this.bridge = bridge;
}

@OverRide
public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) {
return bridge.getLocalServer().shouldInterceptRequest(request);
}

@OverRide
public boolean shouldOverrideUrlLoading(WebView view, WebResourceRequest request) {
Uri url = request.getUrl();
return bridge.launchIntent(url);
}

@OverRide
public boolean shouldOverrideUrlLoading(WebView view, String url) {
return bridge.launchIntent(Uri.parse(url));
}

}

[jcesarmobile]

As you can see, there are no traces of SslErrorHandler on Capacitor itself, so something else is modifying the code and adding that handler, a plugin maybe?