Given that this vulnerability was due to a use-after-free, definitely the language. Such a thing is impossible in memory-safe languages (Rust being the most obvious comparison).