Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a p sequence, (2) a P sequence, or (3) a P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop or crash) or execute arbitrary code.