In complete fairnes to PBs, PBs have a heck of a lot less surface area than ASN.1. You could argue, why not use a subset of ASN.1, but it seems people have trouble agreeing which subset to use.

I don't agree with that. PB is practically the same as DER. All the attack surface area lies in the codec, specifically in the decoder.