Hacker News

Nope, but I'm happy to tell you that C/C++ projects in general have more security flaws than high-level languages.


That's superficial. How many "high level languages" roll their own SSL from scratch? I'd bet most of them link down to the C++ libssl, so of course that one gets a lot of heat, but it also means it's a very robust piece of software.


Don't shift the goalposts; we're talking specifically about dependencies and dependency-driven bugs.


Languages like C++ that lack memory safety have the irritating property that a memory safety error anywhere in the dependency tree can be exploited to attack unrelated parts of the binary. In most languages you don’t have to worry that some stateless pure-function log formatter is secretly the gap in your armor.
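An added illustration of the point in the comment above (not code from the thread): a constructed model in which a log formatter's buffer and an unrelated authorization flag share one flat memory image, so an unchecked copy in the formatter changes what the rest of the program believes. All names, offsets and the sample message are hypothetical, and the image is a plain array so the demo stays well-defined C.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a process image: the dependency's buffer and the
   application's state live side by side in one address space. */
enum { LOG_BUF_OFF = 0, LOG_BUF_LEN = 16, IS_ADMIN_OFF = 16, IMAGE_LEN = 32 };

static unsigned char image[IMAGE_LEN];

/* Unchecked "dependency": copies the message with no regard for LOG_BUF_LEN.
   Clamped to the image only so the demo itself has defined behaviour. */
static void format_log_unchecked(const char *msg) {
    size_t n = strlen(msg);
    if (n > IMAGE_LEN - LOG_BUF_OFF) n = IMAGE_LEN - LOG_BUF_OFF;
    memcpy(image + LOG_BUF_OFF, msg, n);
}

/* Bounds-checked variant: truncates to the buffer it owns. */
static void format_log_checked(const char *msg) {
    size_t n = strlen(msg);
    if (n > LOG_BUF_LEN - 1) n = LOG_BUF_LEN - 1;
    memcpy(image + LOG_BUF_OFF, msg, n);
    image[LOG_BUF_OFF + n] = '\0';
}

/* Unrelated application code that never calls the formatter itself. */
static int is_admin(void) { return image[IS_ADMIN_OFF] != 0; }

/* Returns the is_admin flag after logging msg with the chosen formatter. */
int admin_after_log(const char *msg, int checked) {
    memset(image, 0, sizeof image);
    if (checked) format_log_checked(msg);
    else format_log_unchecked(msg);
    return is_admin();
}

int main(void) {
    const char *long_msg = "user=guest action=login"; /* constructed, 23 bytes */
    printf("unchecked: is_admin=%d\n", admin_after_log(long_msg, 0));
    printf("checked:   is_admin=%d\n", admin_after_log(long_msg, 1));
    return 0;
}
```

In a memory-safe language the unchecked copy would fail at the buffer boundary instead of reaching the flag, which is the containment property the comment describes.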



