Snyk has a published code exploit for this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsAvoid using boogeyman
altogether.
boogeyman is a malicious package that would download a payload from pastebin.com, eval it to read ssh keys and the users .npmrc and send them to a private pastebin account.