Describe the issue
At the moment checkov uses asteval v1.0.5 as a dependency that has CVE-2025-24359 fixed in v1.0.6
It would be better to have it updated by refreshing Pipfile with

asteval = "==1.0.6"

Version (please complete the following information):

• Checkov Version [3.2.454]